Published: 13/02/2008 Updated: 15/10/2018

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

Subscribe to Openldap

slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openldap openldap 2.3.39

Jonathan Clarke discovered that the OpenLDAP slapd server did not properly handle modify requests when using the Berkeley DB backend and specifying the NOOP control An authenticated user with modify permissions could send a crafted modify request and cause a denial of service via application crash Ubuntu 710 is not affected by this issue ( ...

CWE-399 http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197&r2=1.198&f=h http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358 http://secunia.com/advisories/28914 http://secunia.com/advisories/28926 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059 http://www.securityfocus.com/bid/27778 http://secunia.com/advisories/28953 http://www.redhat.com/support/errata/RHSA-2008-0110.html http://www.securitytracker.com/id?1019481 http://secunia.com/advisories/29068 http://www.mandriva.com/security/advisories?name=MDVSA-2008:058 http://www.ubuntu.com/usn/usn-584-1 http://secunia.com/advisories/29225 http://secunia.com/advisories/29256 http://security.gentoo.org/glsa/glsa-200803-28.xml http://secunia.com/advisories/29461 http://www.debian.org/security/2008/dsa-1541 http://secunia.com/advisories/29682 http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html http://secunia.com/advisories/29957 http://wiki.rpath.com/Advisories:rPSA-2008-0059 http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html http://support.apple.com/kb/HT3937 http://www.vupen.com/english/advisories/2009/3184 http://www.vupen.com/english/advisories/2008/0536/references https://exchange.xforce.ibmcloud.com/vulnerabilities/40479 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9470 http://www.securityfocus.com/archive/1/488242/100/200/threaded https://usn.ubuntu.com/584-1/https://nvd.nist.gov

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook