Описание
The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.4.40+dfsg-1ubuntu1 |
| esm-infra-legacy/trusty | not-affected | 2.4.31-1+nmu2ubuntu8.1 |
| lucid | ignored | end of life |
| precise | released | 2.4.28-1.1ubuntu4.5 |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | ignored | end of life |
| trusty | released | 2.4.31-1+nmu2ubuntu8.1 |
| trusty/esm | not-affected | 2.4.31-1+nmu2ubuntu8.1 |
| upstream | released | 2.4.39-1.1 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search.
The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search.
The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not prope ...
The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search.
EPSS
4.3 Medium
CVSS2