slapd in OpenLDAP 2.0 up to and including 2.0.19 allows local users, and anonymous users prior to 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openldap openldap 2.0 |
||
openldap openldap |
||
redhat linux 7.0 |
||
redhat linux 7.1 |
||
redhat linux 7.2 |