Netscape Directory Server vulnerabilities

CVE-2004-1236 [CRITICAL] CVE-2004-1236: Buffer overflow in the LDAP component for Netscape Directory Server (NDS) 3.6 on HP-UX and other ope Buffer overflow in the LDAP component for Netscape Directory Server (NDS) 3.6 on HP-UX and other operating systems allows remote attackers to execute arbitrary code.

CVE-2004-0826 [HIGH] CVE-2004-0826: Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attacke Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.

CVE-2001-0164 [HIGH] CVE-2001-0164: Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a den Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed recipient field.

CVE-2000-1076 [CRITICAL] CVE-2000-1076: Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administra Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server.

CVE-2000-1075 [MEDIUM] CVE-2000-1075: Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services.

CVE-1999-0007 [MEDIUM] CWE-327 CVE-1999-0007: Information from SSL-encrypted sessions via PKCS #1. Information from SSL-encrypted sessions via PKCS #1.