CVE-2010-0211

Published: 28/07/2010 Updated: 21/01/2024
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote malicious users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite.

Vulnerable Product

openldap openldap 2.4.22

vmware esxi 4.1

vmware esxi 4.0

opensuse opensuse 11.0

apple mac os x server

apple mac os x

Vendor Advisories

Using the Codenomicon LDAPv3 test suite, Ilkka Mattila and Tuomas Salomäki discovered that the slap_modrdn2mods function in modrdn.c in OpenLDAP does not check the return value from a call to the smr_normalize function. A remote attacker could use specially crafted modrdn requests to crash the slapd daemon or possibly execute arbitrary code (CVE- ...
Synopsis: Moderate: openldap security update. Type/Severity: Security Advisory: Moderate. Topic: Updated openldap packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerabi ...
Synopsis: Moderate: openldap security update. Type/Severity: Security Advisory: Moderate. Topic: Updated openldap packages that fix two security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability ...
Two remote vulnerabilities have been discovered in OpenLDAP. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-0211: The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a den ...

Exploits

source: www.securityfocus.com/bid/41770/info. OpenLDAP is prone to multiple vulnerabilities. Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of the application or cause denial-of-service conditions. OpenLDAP 2.4.22 is vulnerable; other versions may also be affected. ldapmodrdn -x cn=so ...