Lucene search
Gentoo FoundationMGASA-2015-0374HistorySep 15, 2015 - 5:55 p.m.
Updated openldap package fixes security vulnerability
2015-09-1517:55:06
Gentoo Foundation
advisories.mageia.org
12
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.947 High
EPSS
Percentile
99.2%
By sending a crafted packet, an attacker can cause the OpenLDAP daemon to crash with a SIGABRT. This is due to an assert() call in the ber_get_next() method in a/libraries/liblber/io.c that is hit when decoding tampered BER data (CVE-2015-6908)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 4 | noarch | openldap | < 2.4.38-1.5 | openldap-2.4.38-1.5.mga4 |
| Mageia | 5 | noarch | openldap | < 2.4.40-3.1 | openldap-2.4.40-3.1.mga5 |
Related
nessus
nessus
OracleVM 3.3 : openldap (OVMSA-2015-0123)
2015-10-01 00:00:00
FreeBSD : openldap -- denial of service vulnerability (4910d161-58a4-11e5-9ad8-14dae9d210b8)
2015-09-14 00:00:00
RHEL 5 / 6 / 7 : openldap (RHSA-2015:1840)
2015-09-30 00:00:00
openvas
openvas
Debian Security Advisory DSA 3356-1 (openldap - security update)
2015-09-12 00:00:00
Mageia: Security Advisory (MGASA-2015-0374)
2015-10-15 00:00:00
Debian: Security Advisory (DSA-3356-1)
2015-09-11 00:00:00
redhat
redhat
(RHSA-2015:1840) Important: openldap security update
2015-09-29 09:46:41
securityvulns
securityvulns
[SECURITY] [DSA 3356-1] openldap security update
2015-09-14 00:00:00
OpenLDAP DoS
2015-09-14 00:00:00
f5
f5
K17460 : OpenLDAP vulnerability CVE-2015-6908
2015-10-19 00:00:00
SOL17460 - OpenLDAP vulnerability CVE-2015-6908
2015-10-19 00:00:00
freebsd
freebsd
openldap -- denial of service vulnerability
2015-09-09 00:00:00
amazon
amazon
Important: openldap, compat-openldap
2015-10-09 16:33:00
ibm
ibm
debian
debian
[SECURITY] [DSA 3356-1] openldap security update
2015-09-12 05:01:01
[SECURITY] [DSA 3356-1] openldap security update
2015-09-12 05:01:01
[SECURITY] [DLA 309-1] openldap security update
2015-09-14 20:28:48
osv
osv
openldap - security update
2015-09-12 00:00:00
checkpoint_advisories
checkpoint_advisories
OpenLDAP ber_get_next Denial of Service (CVE-2015-6908)
2015-10-07 00:00:00
oraclelinux
oraclelinux
openldap security update
2015-09-29 00:00:00
prion
prion
Code injection
2015-09-11 16:59:00
centos
centos
compat, openldap security update
2015-09-29 13:29:35
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:07:44
archlinux
archlinux
openldap: denial of service
2015-09-12 00:00:00
ubuntucve
ubuntucve
CVE-2015-6908
2015-09-11 00:00:00
cve
cve
CVE-2015-6908
2015-09-11 16:59:00
debiancve
debiancve
CVE-2015-6908
2015-09-11 16:59:00
suse
suse
Security update for openldap2 (important)
2016-01-27 11:11:59
Security update for openldap2 (important)
2016-01-27 19:12:37
Security update for openldap2 (important)
2016-01-27 19:11:56
ubuntu
ubuntu
OpenLDAP vulnerabilities
2015-09-16 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.947 High
EPSS
Percentile
99.2%
Related for MGASA-2015-0374