Описание
A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.
A flaw was found in OpenLDAP. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.
Отчет
This flaw does not affect Red Hat Enterprise Linux 8 because the slapd server is not shipped in the Red Hat Enterprise Linux 8 repositories.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | openldap | Out of support scope | ||
| Red Hat Enterprise Linux 5 | openldap24-libs | Out of support scope | ||
| Red Hat Enterprise Linux 6 | compat-openldap | Out of support scope | ||
| Red Hat Enterprise Linux 6 | openldap | Out of support scope | ||
| Red Hat Enterprise Linux 7 | compat-openldap | Out of support scope | ||
| Red Hat Enterprise Linux 8 | openldap | Not affected | ||
| Red Hat JBoss Core Services | openldap | Not affected | ||
| Red Hat JBoss Enterprise Application Platform 5 | openldap | Out of support scope | ||
| Red Hat JBoss Enterprise Web Server 2 | openldap | Out of support scope | ||
| Red Hat Enterprise Linux 7 | openldap | Fixed | RHSA-2022:0621 | 22.02.2022 |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.
A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.
A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allo ...
A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.
Уязвимость функции csnNormalize23() реализации протокола LDAP OpenLDAP, связанная с недостатком использования функции assert(), позволяющая нарушителю вызвать отказ в обслуживании
7.5 High
CVSS3