Описание
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.
A NULL pointer dereference flaw was found in the OpenLDAP server, during a request for renaming RDNs. This flaw allows a remote, unauthenticated attacker to crash the slapd process by sending a specially crafted request, causing a denial of service. The highest threat from this vulnerability is to system availability.
Отчет
This vulnerability affects the server side only. As a result, OpenLDAP client components, such as the component shipped in Red Hat Enterprise Linux 8, are not affected by this flaw.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | openldap | Out of support scope | ||
| Red Hat Enterprise Linux 5 | openldap24-libs | Not affected | ||
| Red Hat Enterprise Linux 6 | compat-openldap | Not affected | ||
| Red Hat Enterprise Linux 6 | openldap | Out of support scope | ||
| Red Hat Enterprise Linux 7 | compat-openldap | Not affected | ||
| Red Hat Enterprise Linux 8 | openldap | Not affected | ||
| Red Hat JBoss Core Services | openldap | Not affected | ||
| Red Hat JBoss Enterprise Application Platform 5 | openldap | Not affected | ||
| Red Hat JBoss Enterprise Web Server 2 | openldap | Not affected | ||
| Red Hat Enterprise Linux 7 | openldap | Fixed | RHSA-2021:1389 | 27.04.2021 |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55 during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request causing a Denial of Service.
A NULL pointer dereference was found in OpenLDAP server and was fixed ...
7.5 High
CVSS3