Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-17740

Опубликовано: 20 окт. 2017
Источник: redhat
CVSS3: 5.9

Описание

contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5openldapNot affected
Red Hat Enterprise Linux 5openldap24-libsNot affected
Red Hat Enterprise Linux 6compat-openldapNot affected
Red Hat Enterprise Linux 6openldapNot affected
Red Hat Enterprise Linux 7compat-openldapNot affected
Red Hat Enterprise Linux 7openldapNot affected
Red Hat Enterprise Linux 8openldapNot affected
Red Hat JBoss Core ServicesopenldapNot affected
Red Hat JBoss Enterprise Application Platform 5openldapWill not fix
Red Hat JBoss Enterprise Web Server 2openldapNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-628
https://bugzilla.redhat.com/show_bug.cgi?id=1527076openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers to cause a denial of service

5.9 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-17740

CVSS3: 7.5
ubuntu
около 8 лет назад

contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.

nvd логотип

CVE-2017-17740

CVSS3: 7.5
nvd
около 8 лет назад

contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.

debian логотип

CVE-2017-17740

CVSS3: 7.5
debian
около 8 лет назад

contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when bot ...

suse-cvrf логотип

SUSE-SU-2018:4150-1

suse-cvrf
около 7 лет назад

Security update for openldap2

github логотип

GHSA-h7vm-9jwq-6c9r

CVSS3: 7.5
github
больше 3 лет назад

contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.

5.9 Medium

CVSS3