CVE-2015-6908

Published: 11/09/2015 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and previous versions allows remote malicious users to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd.

Vulnerable Products

openldap: openldap

apple: mac os x

Vendor Advisories

Debian Bug report logs - #798622 openldap: CVE-2015-6908: ber_get_next denial of service vulnerability. Package: src:openldap; Maintainer for src:openldap is Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Fri, 11 Sep 2015 06:15:02 UT ...
Several security issues were fixed in OpenLDAP ...
Denis Andzakovic discovered that OpenLDAP, a free implementation of the Lightweight Directory Access Protocol, does not properly handle BER data. An unauthenticated remote attacker can use this flaw to cause a denial of service (slapd daemon crash) via a specially crafted packet. For the oldstable distribution (wheezy), this problem has been fixed ...
A flaw was found in the way the OpenLDAP server daemon (slapd) parsed certain Basic Encoding Rules (BER) data. A remote attacker could use this flaw to crash slapd via a specially crafted packet (CVE-2015-6908) ...

Exploits

# Exploit Title: OpenLDAP 2.4.42 ber_get_next DoS
# Date: 11/09/15
# Exploit Author: Denis Andzakovic - Security-Assessment.com
# Vendor Homepage: www.openldap.org/
# Software Link: ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.4.42.tgz
# Version: <= 2.4.42
# Tested on: Debian 8 ...