The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of OpenLDAP

OpenLDAP: privilege escalation via SASL
An attacker can bypass restrictions via SASL of OpenLDAP, in order to escalate his privileges...
9052, CVE-2019-13565, DLA-1891-1, HT210788, openSUSE-SU-2019:2157-1, openSUSE-SU-2019:2176-1, SUSE-SU-2019:2390-1, SUSE-SU-2019:2395-1, USN-4078-1, USN-4078-2, VIGILANCE-VUL-29900
OpenLDAP: privilege escalation via rootDN
An attacker can bypass restrictions via rootDN of OpenLDAP, in order to escalate his privileges...
9038, CVE-2019-13057, DLA-1891-1, HT210788, openSUSE-SU-2019:2157-1, openSUSE-SU-2019:2176-1, SUSE-SU-2019:2390-1, SUSE-SU-2019:2395-1, USN-4078-1, USN-4078-2, VIGILANCE-VUL-29899
OpenLDAP: use after free via nops/memberof MODDN
An attacker can force the usage of a freed memory area via nops/memberof of OpenLDAP, in order to trigger a denial of service, and possibly to run code...
8759, CVE-2017-17740, openSUSE-SU-2019:2157-1, openSUSE-SU-2019:2176-1, SUSE-SU-2018:4150-1, SUSE-SU-2019:0931-1, SUSE-SU-2019:2395-1, VIGILANCE-VUL-24806
OpenLDAP: denial of service via PID File
An attacker can generate a fatal error via PID File of OpenLDAP, in order to trigger a denial of service...
8703, CVE-2017-14159, VIGILANCE-VUL-23806
OpenLDAP: denial of service via the search option "Paged Results"
An attacker can generate a fatal error via the search option "Paged Results" in OpenLDAP, in order to trigger a denial of service...
8655, CVE-2017-9287, DLA-972-1, DSA-3868-1, FEDORA-2017-1ca18683e4, openSUSE-SU-2017:2181-1, RHSA-2017:1852-01, SUSE-SU-2019:0931-1, USN-3307-1, USN-3307-2, VIGILANCE-VUL-22861
OpenLDAP: incorrect algorithm choice for TLS in multi-keyword
An attacker can force the TLS session of OpenLDAP to choose a weaker algorithm if the configured cipherstring contains several keywords, in order to more easily attack this session...
1238322, CVE-2015-3276, FEDORA-2017-ceb1b8659e, RHSA-2015:2131-03, VIGILANCE-VUL-18342
OpenLDAP: denial of service via ber_get_next
An attacker can send a malicious LDAP packet, to force an assertion error in the ber_get_next() function of OpenLDAP, in order to trigger a denial of service...
CERTFR-2015-AVI-388, CVE-2015-6908, DSA-2020-030, DSA-3356-1, ITS#8240, openSUSE-SU-2016:0226-1, openSUSE-SU-2016:0255-1, openSUSE-SU-2016:0261-1, RHSA-2015:1840-01, SUSE-SU-2016:0224-1, USN-2742-1, VIGILANCE-VUL-17868
OpenLDAP: use after free via Matched Values
An attacker can force the usage of a freed memory area in Matched Values of OpenLDAP, in order to trigger a denial of service, and possibly to execute code...
776991, 8046, CVE-2015-1546, MDVSA-2015:073, openSUSE-SU-2015:1325-1, VIGILANCE-VUL-16125
OpenLDAP: NULL pointer dereference via deref
An attacker can force a NULL pointer to be dereferenced in the deref overlay of OpenLDAP, in order to trigger a denial of service...
8027, bulletinjul2015, CVE-2015-1545, DSA-3209-1, FEDORA-2015-2055, HT210788, MDVSA-2015:073, MDVSA-2015:074, openSUSE-SU-2015:1325-1, USN-2622-1, VIGILANCE-VUL-16124
OpenLDAP: use after free via rwm overlay
An attacker can perform a query followed by an unbind, to use a freed memory area in the rwm overlay feature of OpenLDAP, in order to trigger a denial of service, and possibly to execute code...
1019490, 7723, CSCun32529, CVE-2013-4449, DSA-3209-1, FEDORA-2014-2012, FEDORA-2014-2967, HT210788, MDVSA-2014:026, RHSA-2014:0126-01, RHSA-2014:0206-01, USN-2622-1, VIGILANCE-VUL-14171