The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 up to and including 2.4.40 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via an empty attribute list in a deref control in a search request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openldap openldap 2.4.39 |
||
openldap openldap 2.4.17 |
||
openldap openldap 2.4.37 |
||
openldap openldap 2.4.26 |
||
openldap openldap 2.4.31 |
||
openldap openldap 2.4.40 |
||
openldap openldap 2.4.16 |
||
openldap openldap 2.4.29 |
||
openldap openldap 2.4.32 |
||
openldap openldap 2.4.22 |
||
openldap openldap 2.4.25 |
||
openldap openldap 2.4.20 |
||
openldap openldap 2.4.15 |
||
openldap openldap 2.4.18 |
||
openldap openldap 2.4.27 |
||
openldap openldap 2.4.36 |
||
openldap openldap 2.4.38 |
||
openldap openldap 2.4.28 |
||
openldap openldap 2.4.23 |
||
openldap openldap 2.4.24 |
||
openldap openldap 2.4.34 |
||
openldap openldap 2.4.14 |
||
openldap openldap 2.4.19 |
||
openldap openldap 2.4.21 |
||
openldap openldap 2.4.30 |
||
openldap openldap 2.4.13 |
||
openldap openldap 2.4.35 |
||
openldap openldap 2.4.33 |