Search CVE reports
11 – 15 of 15 results
CVE-2007-5708
Low prioritySome fixes available 4 of 8
slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and...
3 affected packages
openldap2, openldap2.2, openldap2.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openldap2 | — | — | — | — | — |
| openldap2.2 | — | — | — | — | — |
| openldap2.3 | — | — | — | — | — |
CVE-2007-5707
Medium prioritySome fixes available 4 of 8
OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash) via an LDAP request with a malformed objectClasses attribute. NOTE: this has been reported as a double free, but the reports are inconsistent.
3 affected packages
openldap2, openldap2.2, openldap2.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openldap2 | — | — | — | — | — |
| openldap2.2 | — | — | — | — | — |
| openldap2.3 | — | — | — | — | — |
CVE-2006-6493
Unknown priorityBuffer overflow in the krbv4_ldap_auth function in servers/slapd/kerberos.c in OpenLDAP 2.4.3 and earlier, when OpenLDAP is compiled with the --enable-kbind (Kerberos KBIND) option, allows remote attackers to execute arbitrary...
2 affected packages
openldap2.2, openldap2.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openldap2.2 | — | — | — | — | — |
| openldap2.3 | — | — | — | — | — |
CVE-2006-5779
Unknown priorityOpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure.
2 affected packages
openldap2.2, openldap2.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openldap2.2 | — | — | — | — | — |
| openldap2.3 | — | — | — | — | — |
CVE-2005-2069
Unknown prioritySome fixes available 7 of 9
pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and...
4 affected packages
libnss-ldap, openldap2, openldap2.2, openldap2.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libnss-ldap | — | — | — | — | — |
| openldap2 | — | — | — | — | — |
| openldap2.2 | — | — | — | — | — |
| openldap2.3 | — | — | — | — | — |