Redhat

Directory Server

41 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.28%
  • Veröffentlicht 23.02.2011 19:00:01
  • Zuletzt bearbeitet 16.06.2026 23:27:34

The (1) backup and restore scripts, (2) main initialization script, and (3) ldap-agent script in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x) place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to ga...

  • EPSS 0.35%
  • Veröffentlicht 17.08.2010 20:00:03
  • Zuletzt bearbeitet 16.06.2026 23:20:22

The (1) setup-ds.pl and (2) setup-ds-admin.pl setup scripts for Red Hat Directory Server 8 before 8.2 use world-readable permissions when creating cache files, which allows local users to obtain sensitive information including passwords for Directory...

  • EPSS 2.85%
  • Veröffentlicht 29.08.2008 18:41:00
  • Zuletzt bearbeitet 16.06.2026 22:55:32

Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 and earlier allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) the authent...

  • EPSS 6.56%
  • Veröffentlicht 29.08.2008 18:41:00
  • Zuletzt bearbeitet 16.06.2026 22:54:45

Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 allow remote attackers to cause a denial of service (CPU consumption and search outage) via crafted LDAP search requests with patterns, related to ...

  • EPSS 1.7%
  • Veröffentlicht 29.08.2008 18:41:00
  • Zuletzt bearbeitet 16.06.2026 22:54:45

Multiple cross-site scripting (XSS) vulnerabilities in the adminutil library in the Directory Server Administration Express and Directory Server Gateway (DSGW) web interface in Red Hat Directory Server 7.1 before SP7 and 8 EL4 and EL5, and Fedora Dir...

  • EPSS 6.64%
  • Veröffentlicht 29.08.2008 18:41:00
  • Zuletzt bearbeitet 16.06.2026 22:54:45

Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7.1 before SP7 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted Accept-Language HTTP...

  • EPSS 4.93%
  • Veröffentlicht 12.05.2008 16:20:00
  • Zuletzt bearbeitet 16.06.2026 22:52:14

Buffer overflow in the regular expression handler in Red Hat Directory Server 8.0 and 7.1 before SP6 allows remote attackers to cause a denial of service (slapd crash) and possibly execute arbitrary code via a crafted LDAP query that triggers the ove...

  • EPSS 2.01%
  • Veröffentlicht 16.04.2008 18:05:00
  • Zuletzt bearbeitet 16.06.2026 22:50:33

Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, does not properly restrict access to CGI scripts, which allows remote attackers to perform administrative actions.

  • EPSS 14.02%
  • Veröffentlicht 16.04.2008 18:05:00
  • Zuletzt bearbeitet 16.06.2026 22:50:33

The replication monitor CGI script (repl-monitor-cgi.pl) in Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, allows remote attackers to execute arbitrary commands.

  • EPSS 0.41%
  • Veröffentlicht 20.03.2008 00:44:00
  • Zuletzt bearbeitet 16.06.2026 22:50:32

Red Hat Directory Server 8.0, when running on Red Hat Enterprise Linux, uses insecure permissions for the redhat-idm-console script, which allows local users to execute arbitrary code by modifying the script.