Lucene search

K
nvd[email protected]NVD:CVE-2011-4079
HistoryOct 27, 2011 - 8:55 p.m.

CVE-2011-4079

2011-10-2720:55:01
CWE-189
web.nvd.nist.gov
2

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

AI Score

9.1

Confidence

High

EPSS

0.044

Percentile

92.4%

Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-based buffer overflow, as demonstrated using an empty postalAddressAttribute value in an LDIF entry.

Affected configurations

Nvd
Node
openldapopenldapRange2.4.26
OR
openldapopenldapMatch1.0
OR
openldapopenldapMatch1.0.1
OR
openldapopenldapMatch1.0.2
OR
openldapopenldapMatch1.0.3
OR
openldapopenldapMatch1.1
OR
openldapopenldapMatch1.1.0
OR
openldapopenldapMatch1.1.1
OR
openldapopenldapMatch1.1.2
OR
openldapopenldapMatch1.1.3
OR
openldapopenldapMatch1.1.4
OR
openldapopenldapMatch1.2
OR
openldapopenldapMatch1.2.0
OR
openldapopenldapMatch1.2.1
OR
openldapopenldapMatch1.2.2
OR
openldapopenldapMatch1.2.3
OR
openldapopenldapMatch1.2.4
OR
openldapopenldapMatch1.2.5
OR
openldapopenldapMatch1.2.6
OR
openldapopenldapMatch1.2.7
OR
openldapopenldapMatch1.2.8
OR
openldapopenldapMatch1.2.9
OR
openldapopenldapMatch1.2.10
OR
openldapopenldapMatch1.2.11
OR
openldapopenldapMatch1.2.12
OR
openldapopenldapMatch1.2.13
OR
openldapopenldapMatch2.0
OR
openldapopenldapMatch2.0.0
OR
openldapopenldapMatch2.0.1
OR
openldapopenldapMatch2.0.2
OR
openldapopenldapMatch2.0.3
OR
openldapopenldapMatch2.0.4
OR
openldapopenldapMatch2.0.5
OR
openldapopenldapMatch2.0.6
OR
openldapopenldapMatch2.0.7
OR
openldapopenldapMatch2.0.8
OR
openldapopenldapMatch2.0.9
OR
openldapopenldapMatch2.0.10
OR
openldapopenldapMatch2.0.11
OR
openldapopenldapMatch2.0.11_9
OR
openldapopenldapMatch2.0.11_11
OR
openldapopenldapMatch2.0.11_11s
OR
openldapopenldapMatch2.0.12
OR
openldapopenldapMatch2.0.13
OR
openldapopenldapMatch2.0.14
OR
openldapopenldapMatch2.0.15
OR
openldapopenldapMatch2.0.16
OR
openldapopenldapMatch2.0.17
OR
openldapopenldapMatch2.0.18
OR
openldapopenldapMatch2.0.19
OR
openldapopenldapMatch2.0.20
OR
openldapopenldapMatch2.0.21
OR
openldapopenldapMatch2.0.22
OR
openldapopenldapMatch2.0.23
OR
openldapopenldapMatch2.0.24
OR
openldapopenldapMatch2.0.25
OR
openldapopenldapMatch2.0.26
OR
openldapopenldapMatch2.0.27
OR
openldapopenldapMatch2.1.2
OR
openldapopenldapMatch2.1.3
OR
openldapopenldapMatch2.1.4
OR
openldapopenldapMatch2.1.5
OR
openldapopenldapMatch2.1.6
OR
openldapopenldapMatch2.1.7
OR
openldapopenldapMatch2.1.8
OR
openldapopenldapMatch2.1.9
OR
openldapopenldapMatch2.1.10
OR
openldapopenldapMatch2.1.11
OR
openldapopenldapMatch2.1.12
OR
openldapopenldapMatch2.1.13
OR
openldapopenldapMatch2.1.14
OR
openldapopenldapMatch2.1.15
OR
openldapopenldapMatch2.1.16
OR
openldapopenldapMatch2.1.17
OR
openldapopenldapMatch2.1.18
OR
openldapopenldapMatch2.1.19
OR
openldapopenldapMatch2.1.20
OR
openldapopenldapMatch2.1.21
OR
openldapopenldapMatch2.1.22
OR
openldapopenldapMatch2.1.23
OR
openldapopenldapMatch2.1.24
OR
openldapopenldapMatch2.1.25
OR
openldapopenldapMatch2.1.26
OR
openldapopenldapMatch2.1.27
OR
openldapopenldapMatch2.1.28
OR
openldapopenldapMatch2.1.29
OR
openldapopenldapMatch2.1.30
OR
openldapopenldapMatch2.1_.20
OR
openldapopenldapMatch2.2.0
OR
openldapopenldapMatch2.2.1
OR
openldapopenldapMatch2.2.4
OR
openldapopenldapMatch2.2.5
OR
openldapopenldapMatch2.2.6
OR
openldapopenldapMatch2.2.7
OR
openldapopenldapMatch2.2.8
OR
openldapopenldapMatch2.2.9
OR
openldapopenldapMatch2.2.10
OR
openldapopenldapMatch2.2.11
OR
openldapopenldapMatch2.2.12
OR
openldapopenldapMatch2.2.13
OR
openldapopenldapMatch2.2.14
OR
openldapopenldapMatch2.2.15
OR
openldapopenldapMatch2.2.16
OR
openldapopenldapMatch2.2.17
OR
openldapopenldapMatch2.2.18
OR
openldapopenldapMatch2.2.19
OR
openldapopenldapMatch2.2.20
OR
openldapopenldapMatch2.2.21
OR
openldapopenldapMatch2.2.22
OR
openldapopenldapMatch2.2.23
OR
openldapopenldapMatch2.2.24
OR
openldapopenldapMatch2.2.25
OR
openldapopenldapMatch2.2.26
OR
openldapopenldapMatch2.2.27
OR
openldapopenldapMatch2.3.4
OR
openldapopenldapMatch2.3.5
OR
openldapopenldapMatch2.3.6
OR
openldapopenldapMatch2.3.7
OR
openldapopenldapMatch2.3.8
OR
openldapopenldapMatch2.3.9
OR
openldapopenldapMatch2.3.10
OR
openldapopenldapMatch2.3.11
OR
openldapopenldapMatch2.3.12
OR
openldapopenldapMatch2.3.13
OR
openldapopenldapMatch2.3.14
OR
openldapopenldapMatch2.3.15
OR
openldapopenldapMatch2.3.16
OR
openldapopenldapMatch2.3.17
OR
openldapopenldapMatch2.3.18
OR
openldapopenldapMatch2.3.19
OR
openldapopenldapMatch2.3.20
OR
openldapopenldapMatch2.3.21
OR
openldapopenldapMatch2.3.22
OR
openldapopenldapMatch2.3.23
OR
openldapopenldapMatch2.3.24
OR
openldapopenldapMatch2.3.25
OR
openldapopenldapMatch2.3.26
OR
openldapopenldapMatch2.3.27
OR
openldapopenldapMatch2.3.28
OR
openldapopenldapMatch2.3.29
OR
openldapopenldapMatch2.3.30
OR
openldapopenldapMatch2.3.31
OR
openldapopenldapMatch2.3.32
OR
openldapopenldapMatch2.3.33
OR
openldapopenldapMatch2.3.34
OR
openldapopenldapMatch2.3.35
OR
openldapopenldapMatch2.3.36
OR
openldapopenldapMatch2.3.37
OR
openldapopenldapMatch2.3.38
OR
openldapopenldapMatch2.3.39
OR
openldapopenldapMatch2.3.40
OR
openldapopenldapMatch2.3.41
OR
openldapopenldapMatch2.3.42
OR
openldapopenldapMatch2.3.43
OR
openldapopenldapMatch2.4.3
OR
openldapopenldapMatch2.4.6
OR
openldapopenldapMatch2.4.7
OR
openldapopenldapMatch2.4.8
OR
openldapopenldapMatch2.4.9
OR
openldapopenldapMatch2.4.10
OR
openldapopenldapMatch2.4.11
OR
openldapopenldapMatch2.4.12
OR
openldapopenldapMatch2.4.13
OR
openldapopenldapMatch2.4.14
OR
openldapopenldapMatch2.4.15
OR
openldapopenldapMatch2.4.16
OR
openldapopenldapMatch2.4.17
OR
openldapopenldapMatch2.4.18
OR
openldapopenldapMatch2.4.19
OR
openldapopenldapMatch2.4.20
OR
openldapopenldapMatch2.4.21
OR
openldapopenldapMatch2.4.22
OR
openldapopenldapMatch2.4.23
OR
openldapopenldapMatch2.4.24
OR
openldapopenldapMatch2.4.25
VendorProductVersionCPE
openldapopenldap*cpe:2.3:a:openldap:openldap:*:*:*:*:*:*:*:*
openldapopenldap1.0cpe:2.3:a:openldap:openldap:1.0:*:*:*:*:*:*:*
openldapopenldap1.0.1cpe:2.3:a:openldap:openldap:1.0.1:*:*:*:*:*:*:*
openldapopenldap1.0.2cpe:2.3:a:openldap:openldap:1.0.2:*:*:*:*:*:*:*
openldapopenldap1.0.3cpe:2.3:a:openldap:openldap:1.0.3:*:*:*:*:*:*:*
openldapopenldap1.1cpe:2.3:a:openldap:openldap:1.1:*:*:*:*:*:*:*
openldapopenldap1.1.0cpe:2.3:a:openldap:openldap:1.1.0:*:*:*:*:*:*:*
openldapopenldap1.1.1cpe:2.3:a:openldap:openldap:1.1.1:*:*:*:*:*:*:*
openldapopenldap1.1.2cpe:2.3:a:openldap:openldap:1.1.2:*:*:*:*:*:*:*
openldapopenldap1.1.3cpe:2.3:a:openldap:openldap:1.1.3:*:*:*:*:*:*:*
Rows per page:
1-10 of 1751

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

AI Score

9.1

Confidence

High

EPSS

0.044

Percentile

92.4%