CVE-2007-5707
6.4 Medium
AI Score
Confidence
Low
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.046 Low
EPSS
Percentile
92.5%
OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash) via an LDAP request with a malformed objectClasses attribute. NOTE: this has been reported as a double free, but the reports are inconsistent.
References
bugs.debian.org/cgi-bin/bugreport.cgi?bug=440632
lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
secunia.com/advisories/27424
secunia.com/advisories/27587
secunia.com/advisories/27596
secunia.com/advisories/27683
secunia.com/advisories/27756
secunia.com/advisories/27868
secunia.com/advisories/29461
secunia.com/advisories/29682
security.gentoo.org/glsa/glsa-200803-28.xml
support.apple.com/kb/HT3937
www.debian.org/security/2008/dsa-1541
www.mandriva.com/security/advisories?name=MDKSA-2007:215
www.novell.com/linux/security/advisories/2007_24_sr.html
www.openldap.org/its/index.cgi/Software%20Bugs?id=5119
www.openldap.org/lists/openldap-announce/200710/msg00001.html
www.redhat.com/archives/fedora-package-announce/2007-November/msg00460.html
www.redhat.com/support/errata/RHSA-2007-1037.html
www.redhat.com/support/errata/RHSA-2007-1038.html
www.securityfocus.com/bid/26245
www.securitytracker.com/id?1018924
www.ubuntu.com/usn/usn-551-1
www.vupen.com/english/advisories/2007/3645
www.vupen.com/english/advisories/2009/3184
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10183
Social References
More
Related
6.4 Medium
AI Score
Confidence
Low
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.046 Low
EPSS
Percentile
92.5%