Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 15 results


CVE-2011-4079

Medium priority
Fixed

Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-based buffer overflow,...

2 affected packages

openldap, openldap2.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap
openldap2.3
Show less packages

CVE-2011-1081

Medium priority
Fixed

modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service (daemon crash) via a relative Distinguished Name (DN) modification request (aka MODRDN operation) that contains an empty value...

3 affected packages

openldap, openldap2.2, openldap2.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap
openldap2.2
openldap2.3
Show less packages

CVE-2011-1025

Negligible priority
Fixed

bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Distinguished Name (DN), which allows remote attackers to bypass intended access restrictions via an arbitrary password.

3 affected packages

openldap, openldap2.2, openldap2.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap
openldap2.2
openldap2.3
Show less packages

CVE-2011-1024

Medium priority
Fixed

chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass...

3 affected packages

openldap, openldap2.2, openldap2.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap
openldap2.2
openldap2.3
Show less packages

CVE-2010-0212

Medium priority
Fixed

OpenLDAP 2.4.22 allows remote attackers to cause a denial of service (crash) via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer...

3 affected packages

openldap, openldap2.2, openldap2.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap
openldap2.2
openldap2.3
Show less packages

CVE-2010-0211

Medium priority
Fixed

The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly...

3 affected packages

openldap, openldap2.2, openldap2.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap
openldap2.2
openldap2.3
Show less packages

CVE-2009-3767

Medium priority
Fixed

libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate,...

4 affected packages

openldap, openldap2, openldap2.2, openldap2.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap
openldap2
openldap2.2
openldap2.3
Show less packages

CVE-2008-2952

Medium priority
Fixed

liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams that trigger an assertion error.

3 affected packages

openldap, openldap2.2, openldap2.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap
openldap2.2
openldap2.3
Show less packages

CVE-2008-0658

Medium priority

Some fixes available 4 of 8

slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related...

3 affected packages

openldap2, openldap2.2, openldap2.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap2
openldap2.2
openldap2.3
Show less packages

CVE-2007-6698

Medium priority

Some fixes available 4 of 8

The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote authenticated users to cause a denial of service (crash) via a potentially-successful modify operation with the NOOP control set to critical, possibly due to a...

3 affected packages

openldap2, openldap2.2, openldap2.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openldap2
openldap2.2
openldap2.3
Show less packages