CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
99.5%
Updated openldap packages fix security vulnerability: The deref overlay in slapd 2.4.13 through 2.4.40 dereferences a NULL pointer when a search request includes the Deref control with an empty list of attributes to return (missing input validation). This allows a remote unauthenticated client to crash the LDAP server (CVE-2015-1545).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 4 | noarch | openldap | < 2.4.38-1.3 | openldap-2.4.38-1.3.mga4 |