An off-by-one error leading to a crash exists in openldap 2.4 when processing DNS SRV messages. If slapd was configured to use the dnssrv backend, an attacker could crash the service with crafted DNS responses.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openldap openldap 2.4 |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |