An off-by-one error leading to a crash was discovered in openldap 2.4 when processing DNS SRV messages. If slapd was configured to use the dnssrv backend, an attacker could crash the service with crafted DNS responses.
[
{
"product": "openldap",
"vendor": "openldap",
"versions": [
{
"status": "affected",
"version": "2.4"
}
]
}
]