5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.947 High
EPSS
Percentile
98.9%
OpenLDAP is an open source suite of Lightweight Directory Access Protocol
(LDAP) applications and development tools. LDAP is a set of protocols used
to access and maintain distributed directory information services over an
IP network. The openldap package contains configuration files, libraries,
and documentation for OpenLDAP.
A flaw was found in the way the OpenLDAP server daemon (slapd) parsed
certain Basic Encoding Rules (BER) data. A remote attacker could use this
flaw to crash slapd via a specially crafted packet. (CVE-2015-6908)
All openldap users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | ia64 | openldap-servers | < 2.3.43-29.el5_11 | openldap-servers-2.3.43-29.el5_11.ia64.rpm |
RedHat | 6 | s390x | openldap-debuginfo | < 2.4.40-6.el6_7 | openldap-debuginfo-2.4.40-6.el6_7.s390x.rpm |
RedHat | 7 | x86_64 | openldap-debuginfo | < 2.4.39-7.el7_1 | openldap-debuginfo-2.4.39-7.el7_1.x86_64.rpm |
RedHat | 5 | i386 | openldap-devel | < 2.3.43-29.el5_11 | openldap-devel-2.3.43-29.el5_11.i386.rpm |
RedHat | 5 | ppc64 | openldap | < 2.3.43-29.el5_11 | openldap-2.3.43-29.el5_11.ppc64.rpm |
RedHat | 7 | ppc64 | openldap-servers-sql | < 2.4.39-7.el7_1 | openldap-servers-sql-2.4.39-7.el7_1.ppc64.rpm |
RedHat | 7 | x86_64 | openldap-clients | < 2.4.39-7.el7_1 | openldap-clients-2.4.39-7.el7_1.x86_64.rpm |
RedHat | 5 | ia64 | openldap-devel | < 2.3.43-29.el5_11 | openldap-devel-2.3.43-29.el5_11.ia64.rpm |
RedHat | 5 | ppc64 | openldap-devel | < 2.3.43-29.el5_11 | openldap-devel-2.3.43-29.el5_11.ppc64.rpm |
RedHat | 7 | ppc | openldap | < 2.4.39-7.el7_1 | openldap-2.4.39-7.el7_1.ppc.rpm |