Astra Linux – Vulnerability in OpenLDAP
In OpenLDAP versions 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function due to a malicious packet. This leads to a denial of service (daemon exit) caused by a short timestamp. This issue is related to the schema_init.c file and the...
Unity Linux 20.1060e / 20.1070e Security Update: openldap (UTSA-2026-017550)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017550 advisory. An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of...
JLSEC-2026-162
A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23. The highest threat from this vulnerability is to system availability...
Siemens SIMATIC S7-1500 Reachable Assertion (CVE-2020-36230)
A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Siemens SIMATIC S7-1500 Improper Neutralization of Special Elements used in an SQL Command (CVE-2022-29155)
In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping...
CLSA-2023-1689702307 openldap: Fix of CVE-2023-2953
CVE-2023-2953: added check for strdup failure, to avoid null pointer dereference...
SUSE CVE-2006-2754
Stack-based buffer overflow in st.c in slurpd for OpenLDAP before 2.3.22 might allow attackers to execute arbitrary code via a long hostname...
SUSE CVE-2019-13565
An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs...
DEBIAN-CVE-2022-22576
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse of OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocol...
The vulnerability of the OpenLDAP protocol, related to the reallocation of memory, allows a hacker to perform a denial-of-service attack.
The vulnerability of the OpenLDAP protocol lies in the repeated memory release that occurs during the processing of control elements involving value return filters. Exploiting this vulnerability allows a malicious actor to perform a denial-of-service attack by sending a specially crafted request ...
A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service...
UBUNTU-CVE-2020-36230
A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service...
UBUNTU-CVE-2020-36228
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service...
PT-2021-5553 · Openldap +7
Name of the Vulnerable Software and Affected Versions: OpenLDAP versions prior to 2.4.57. Description: A flaw was discovered in OpenLDAP leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. This issue can be exploited by a remote attacker by...
PT-2021-5554 · Openldap +7
Name of the Vulnerable Software and Affected Versions: OpenLDAP versions prior to 2.4.57. Description: The issue is related to a double free memory error during the handling of the Values Return Filter control, which can lead to a denial of service (DoS) when a specially crafted request is sent to...
UBUNTU-CVE-2020-25710
A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23. The highest threat from this vulnerability is to system availability...
UBUNTU-CVE-2019-19906
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl...
The vulnerability of the OpenLDAP package, related to errors in the implementation of authentication procedures, allows attackers to disclose sensitive information.
The vulnerability of the OpenLDAP package is related to errors in the implementation of authentication procedures. Exploiting this vulnerability could allow attackers to disclose sensitive information that is protected by the system...
USN-3307-1 openldap vulnerability
Karsten Heymann discovered that OpenLDAP incorrectly handled certain search requests. A remote attacker could use this issue to cause slapd to crash, resulting in a denial of service...
ALPINE-CVE-2017-9287
servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0...