CVE-2009-1417 (gnutls) gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote attackers to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls_x509, as used by [...]
Posts Tagged ‘LDAP’
New nss-ldapd packages fix information disclosure
[SECURITY] [DSA 1758-1] New nss-ldapd packages fix information disclosure <!– Envelope-to: email@address Delivery-date: Tue, 31 Mar 2009 16:30:11 +0100 Received: from outgoing.securityfocus.com ([205.206.231.27] helo=outgoing3.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1Loful-0002kK-BI for email@address; Tue, 31 Mar 2009 16:30:11 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing3.securityfocus.com (Postfix) with QMQP id 85B18237372; Tue, 31 Mar [...]
New nss-ldapd packages fix information disclosure
[SECURITY] [DSA 1758-1] New nss-ldapd packages fix information disclosure Posted by Moritz Muehlenhoff on Mar 30 ———————————————————————— Debian Security Advisory DSA-1758-1 security_at_debian.org www.debian.org/security/ Moritz Muehlenhoff March 30, 2009 … URL: http://seclists.org/fulldisclosure/2009/Mar/0440.html
PADL nss_ldap ‘/etc/nss_ldapd.conf’ Local Information Disclosure Vulnerability
Vuln: PADL nss_ldap ‘/etc/nss_ldapd.conf’ Local Information Disclosure Vulnerability PADL nss_ldap ‘/etc/nss_ldapd.conf’ Local Information Disclosure Vulnerability URL: http://www.securityfocus.com/bid/34211
1094 (jdk, jre)
CVE-2009-1094 (jdk, jre) Unspecified vulnerability in the LDAP implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier allows remote LDAP servers to execute arbitrary code via unknown vectors related to serialized data. [...]
1093 (jdk, jre)
CVE-2009-1093 (jdk, jre) LdapCtx in the LDAP service in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier does not close the connection when initialization fails, which allows remote attackers to cause a denial [...]
LDAP Injection
RE: LDAP Injection Posted by Erez Metula on Mar 18 Hey Jon, Give a try to the "Ldap Injector" tool (Alonso/Parada), capable of performing blind ldap injection attacks. Cheers, Erez. ________________________________ Erez Metula, CISSP Application Security Department Manager, 2BSecure Mobile: 972-54-2108830 Office:… URL: http://seclists.org/pen-test/2009/Mar/0094.html
Infoblox Secures $21 Million Investment
Infoblox Secures $21 Million Investment Infoblox, a developer of appliances for core network identity services, today announced that it has closed $21 million in additional funding, reinforcing the company’s position as the market leader for network identity appliances that address network protocols like DNS, DHCP, RADIUS, and LDAP. URL: http://feedproxy.google.com/~r/InfobloxNewsFeed/~3/5afAjCuP4SA/release.cfm
Cricket Liu Joins Infoblox
Cricket Liu Joins Infoblox Infoblox, a leading developer of appliances for core network services, today announced the appointment of Cricket Liu. Best known for its award-winning DNS One appliance, Infoblox develops products that simplify deployment and administration of core network services like DNS, DHCP, RADIUS, and LDAP. Cricket will provide strategic guidance on the development [...]
Infoblox Partners with Terilogy to Expand Sales in Japan
Infoblox Partners with Terilogy to Expand Sales in Japan Infoblox, a leading network appliances developer, announced today a partnership agreement with Japanese network infrastructure integrator, Terilogy, to provide direct sales and sales support for Infobloxˇ¦s line of appliances in Japan. Best known for its flagship appliance, DNS One, Infoblox offers task-specific appliances for the following [...]
