Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2021-27212

Published: 14/02/2021 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Openldap

Vulnerability Summary

In OpenLDAP up to and including 2.4.57 and 2.5.x up to and including 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

openldap openldap 2.5.1

openldap openldap 2.5.0

openldap openldap

debian debian linux 9.0

debian debian linux 10.0

Vendor Advisories

Debian Security Advisories: DSA-4860-1 openldap -- security update
A vulnerability in the Certificate List Exact Assertion validation was discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol An unauthenticated remote attacker can take advantage of this flaw to cause a denial of service (slapd daemon crash) via specially crafted packets For the stable distribution (buster), t ...
Amazon Linux 2: ALAS2-2023-2033
An issue was discovered in OpenLDAP 2x before 2448 When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs After the first SASL bind is completed, the sasl_ssf ...
Amazon Linux AMI: ALAS-2023-1741
An issue was discovered in OpenLDAP 2x before 2448 When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs After the first SASL bind is completed, the sasl_ssf ...
Arch Linux Issues:
In OpenLDAP through 2457 and 25x through 251alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp This is related to schema_initc and checkTime ...

ICS Advisories

https://ics-cert.us-cert.gov/advisories/fd87a3fc00e025fdc5034360097d2bdf
Critical Infrastructure Sectors: Critical Manufacturing

References

CWE-617https://git.openldap.org/openldap/openldap/-/commit/3539fc33212b528c56b716584f2c2994af7c30b0https://bugs.openldap.org/show_bug.cgi?id=9454https://git.openldap.org/openldap/openldap/-/commit/9badb73425a67768c09bcaed1a9c26c684af6c30https://lists.debian.org/debian-lts-announce/2021/02/msg00035.htmlhttps://www.debian.org/security/2021/dsa-4860https://security.netapp.com/advisory/ntap-20210319-0005/https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3Ehttps://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3Ehttps://nvd.nist.govhttps://www.debian.org/security/2021/dsa-4860https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook