SUSE CVE-2015-6908

The bergetnext function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service reachable assertion and application crash via crafted BER data, as demonstrated by an attack against slapd...

OpenLDAP < 2.4.43 DoS Vulnerability

OpenLDAP is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

OpenLDAP ber_get_next Denial of Service (CVE-2015-6908)

A denial of service condition has been reported in OpenLDAP. The vulnerability is due to an obsolete assertion failure in bergetnext. A remote user can exploit this vulnerability by sending a crafted BER message to the target server. A successful exploitation will cause a denial of service...

OracleVM 3.3 : openldap (OVMSA-2015-0123)

The remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2015-6908 openldap: bergetnext denial of service vulnerability 1263171 - fix: nslcd segfaults due to incorrect mutex initialization 1144294 - fix: Updating openldap deletes database if slapd.conf ...

openldap: ber_get_next denial of service vulnerability

A flaw was found in the way the OpenLDAP server daemon slapd parsed certain Basic Encoding Rules BER data. A remote attacker could use this flaw to crash slapd via a specially crafted packet...

openldap: denial of service

By sending a crafted packet, an attacker can cause the OpenLDAP daemon to crash with a SIGABRT. This is due to an assert call within the bergetnext method io.c line 682 that is hit when decoding tampered BER data. The following proof of concept exploit can be used to trigger the condition: echo...

DEBIAN-CVE-2015-6908

The bergetnext function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service reachable assertion and application crash via crafted BER data, as demonstrated by an attack against slapd...

OpenLDAP 2.4.42 - ber_get_next Denial of Service

OpenLDAP 2.4.42 - bergetnext Denial of Service Exploit Title: OpenLDAP 2.4.42 bergetnext DOS Date: 11/09/15 Exploit Author: Denis Andzakovic - Security-Assessment.com Vendor Homepage: http://www.openldap.org/ Software Link: ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.4.42.tgz...

OpenLDAP 2.4.42 - ber_get_next Denial of Service

Exploit Title: OpenLDAP 2.4.42 bergetnext DOS Date: 11/09/15 Exploit Author: Denis Andzakovic - Security-Assessment.com Vendor Homepage: http://www.openldap.org/ Software Link: ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.4.42.tgz Version: Y Y \ / /| / \ /||| / / /.-. / /:wq...