Published: 01/06/2006 Updated: 18/10/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 446

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Subscribe to Openldap

Stack-based buffer overflow in st.c in slurpd for OpenLDAP prior to 2.3.22 might allow malicious users to execute arbitrary code via a long hostname.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openldap openldap 2.2.14
openldap openldap 2.2.15
openldap openldap 2.2.16
openldap openldap 2.2.17
openldap openldap 2.2.11
openldap openldap 2.2.12
openldap openldap 2.2.13
openldap openldap 2.2.20
openldap openldap 2.2.21
openldap openldap 2.2.1
openldap openldap 2.2.18
openldap openldap 2.2.19

When processing overly long host names in OpenLDAP’s slurpd replication server, a buffer overflow caused slurpd to crash ...

NVD-CWE-Other http://www.openldap.org/software/release/changes.html http://www.openldap.org/devel/cvsweb.cgi/servers/slurpd/st.c.diff?r1=1.21&r2=1.22&hideattic=1&sortbydate=0&f=h http://www.openldap.org/devel/cvsweb.cgi/servers/slurpd/st.c?hideattic=1&sortbydate=0#rev1.22 http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.008-openldap.html http://www.osvdb.org/25659 http://secunia.com/advisories/20126 http://secunia.com/advisories/20495 http://www.gentoo.org/security/en/glsa/glsa-200606-17.xml http://secunia.com/advisories/20685 http://secunia.com/advisories/20848 http://www.mandriva.com/security/advisories?name=MDKSA-2006:096 http://www.vupen.com/english/advisories/2006/1921 https://usn.ubuntu.com/305-1/http://www.securityfocus.com/archive/1/436674/100/0/threaded https://usn.ubuntu.com/305-1/https://nvd.nist.gov

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook