Download
| Alert*
oval:org.secpod.oval:def:1800183
servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0. Reference: Patch: oval:org.secpod.oval:def:1800861 servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0. Reference Patch oval:org.secpod.oval:def:1800072 servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0. Reference:¶ Patch:¶ oval:org.secpod.oval:def:89044595 This update for openldap2 fixes the following issues: Security issues fixed: - CVE-2017-9287: A double free vulnerability in the mdb backend during search with page size 0 was fixed Non security bugs fixed: - Let OpenLDAP read system-wide certificates by default and don"t hide the error if the user ... oval:org.secpod.oval:def:204685 OpenLDAP is an open-source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap packages contain configuration files, libraries, and docum ... oval:org.secpod.oval:def:112625 OpenLDAP is an open source suite of LDAP applications and development tools. LDAP is a set of protocols for accessing directory services over the Internet, similar to the way DNS information is propagated over the Internet. The openldap package contains configuration files, libraries, and documen ... oval:org.secpod.oval:def:502095 OpenLDAP is an open-source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap packages contain configuration files, libraries, and docum ... oval:org.secpod.oval:def:51810 openldap: OpenLDAP utilities OpenLDAP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:1800565 servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0.. oval:org.secpod.oval:def:703638 openldap: OpenLDAP utilities OpenLDAP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:602909 Karsten Heymann discovered that the OpenLDAP directory server can be crashed by performing a paged search with a page size of 0, resulting in denial of service. This vulnerability is limited to the MDB storage backend. oval:org.secpod.oval:def:1501944 The advisory is missing the security advisory description. For more information please visit the reference link |