CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
Low
EPSS
Percentile
98.4%
Cameron Hotchkies discovered that OpenLDAP did not correctly handle
certain ASN.1 BER data. A remote attacker could send a specially crafted
packet and crash slapd, leading to a denial of service.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 8.04 | noarch | slapd | < 2.4.9-0ubuntu0.8.04.1 | UNKNOWN |
Ubuntu | 8.04 | noarch | ldap-utils | < 2.4.9-0ubuntu0.8.04.1 | UNKNOWN |
Ubuntu | 8.04 | noarch | libldap-2.4-2 | < 2.4.9-0ubuntu0.8.04.1 | UNKNOWN |
Ubuntu | 8.04 | noarch | libldap-2.4-2-dbg | < 2.4.9-0ubuntu0.8.04.1 | UNKNOWN |
Ubuntu | 8.04 | noarch | libldap2-dev | < 2.4.9-0ubuntu0.8.04.1 | UNKNOWN |
Ubuntu | 8.04 | noarch | slapd-dbg | < 2.4.9-0ubuntu0.8.04.1 | UNKNOWN |
Ubuntu | 7.10 | noarch | slapd | < 2.3.35-1ubuntu0.3 | UNKNOWN |
Ubuntu | 7.10 | noarch | ldap-utils | < 2.3.35-1ubuntu0.3 | UNKNOWN |
Ubuntu | 7.10 | noarch | libldap-2.3-0 | < 2.3.35-1ubuntu0.3 | UNKNOWN |
Ubuntu | 7.04 | noarch | slapd | < 2.3.30-2ubuntu0.3 | UNKNOWN |