Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2015-1546

Published: 12/02/2015 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Openldap

Vulnerability Summary

Double free vulnerability in the get_vrFilter function in servers/slapd/filter.c in OpenLDAP 2.4.40 allows remote malicious users to cause a denial of service (crash) via a crafted search query with a matched values control.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

openldap openldap 2.4.40

opensuse opensuse 13.1

opensuse opensuse 13.2

apple mac os x 10.10.2

Vendor Advisories

Debian CVElist Bug Report Logs: openldap: CVE-2015-1545: crashes on search with deref control and empty attr list
Debian Bug report logs - #776988 openldap: CVE-2015-1545: crashes on search with deref control and empty attr list Package: slapd; Maintainer for slapd is Debian OpenLDAP Maintainers <pkg-openldap-devel@listsaliothdebianorg>; Source for slapd is src:openldap (PTS, buildd, popcon) Reported by: Ryan Tandy <ryan@nardisca ...
Debian CVElist Bug Report Logs: openldap: CVE-2015-1546: crash in valueReturnFilter cleanup
Debian Bug report logs - #776991 openldap: CVE-2015-1546: crash in valueReturnFilter cleanup Package: slapd; Maintainer for slapd is Debian OpenLDAP Maintainers <pkg-openldap-devel@listsaliothdebianorg>; Source for slapd is src:openldap (PTS, buildd, popcon) Reported by: Ryan Tandy <ryan@nardisca> Date: Tue, 3 F ...
Red Hat: CVE-2015-1546
Double free vulnerability in the get_vrFilter function in servers/slapd/filterc in OpenLDAP 2440 allows remote attackers to cause a denial of service (crash) via a crafted search query with a matched values control ...

References

NVD-CWE-Otherhttp://secunia.com/advisories/62787http://www.openwall.com/lists/oss-security/2015/02/07/3http://www.openldap.org/its/?findid=8046https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776991http://www.mandriva.com/security/advisories?name=MDVSA-2015:073https://support.apple.com/HT204659http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.htmlhttp://lists.opensuse.org/opensuse-updates/2015-07/msg00069.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/100938http://www.openldap.org/devel/gitweb.cgi?p=openldap.git%3Ba=commit%3Bh=2f1a2dd329b91afe561cd06b872d09630d4edb6ahttps://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776988https://access.redhat.com/security/cve/cve-2015-1546
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644unprivilegedCVE-2024-3494CVE-2024-22460CVE-2024-26026CVE-2024-23473firewallCVE-2024-28889XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook