Filtered by vendor Fedoraproject
Subscriptions
Total
5167 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2013-1897 | 1 Fedoraproject | 1 389 Directory Server | 2013-05-14 | N/A |
The do_search function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the BASE search scope is used, which allows remote attackers to obtain sensitive information outside of the rootDSE via a crafted LDAP search. | ||||
CVE-2012-4450 | 1 Fedoraproject | 1 389 Directory Server | 2013-03-08 | N/A |
389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry. | ||||
CVE-2012-4415 | 2 Fedoraproject, Guac-dev | 2 Fedora, Guacamole | 2012-10-01 | N/A |
Stack-based buffer overflow in the guac_client_plugin_open function in libguac in Guacamole before 0.6.3 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long protocol name. | ||||
CVE-2012-0833 | 1 Fedoraproject | 1 389 Directory Server | 2012-07-17 | N/A |
The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups, which allows remote authenticated LDAP users with a certificate group to cause a denial of service (infinite loop and CPU consumption) by binding to the server. | ||||
CVE-2011-0019 | 2 Fedoraproject, Redhat | 2 389 Directory Server, Directory Server | 2011-03-31 | N/A |
slapd (aka ns-slapd) in 389 Directory Server 1.2.7.5 (aka Red Hat Directory Server 8.2.x or dirsrv) does not properly handle simple paged result searches, which allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via multiple search requests. | ||||
CVE-2011-0022 | 2 Fedoraproject, Redhat | 2 389 Directory Server, Directory Server | 2011-03-31 | N/A |
The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x), when multiple unprivileged instances are configured, use 0777 permissions for the /var/run/dirsrv directory, which allows local users to cause a denial of service (daemon outage or arbitrary process termination) by replacing PID files contained in this directory. | ||||
CVE-2009-1896 | 2 Fedoraproject, Sun | 2 Fedora, Openjdk | 2009-08-26 | N/A |
The Java Web Start framework in IcedTea in OpenJDK before 1.6.0.0-20.b16.fc10 on Fedora 10, and before 1.6.0.0-27.b16.fc11 on Fedora 11, trusts an entire application when at least one of the listed jar files is trusted, which allows context-dependent attackers to execute arbitrary code without the untrusted-code restrictions via a crafted application, related to NetX. |