Linux Distros Unpatched Vulnerability : CVE-2017-9287

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd b...

Mageia: Security Advisory (MGASA-2018-0033)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2701-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1567-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for openldap (EulerOS-SA-2017-1201)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for openldap (EulerOS-SA-2017-1202)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Photon OS 1.0: Openldap PHSA-2017-0024

An update of the openldap package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0024. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121713;...

Photon OS 1.0: Libxml2 / Ncurses / Openldap / Ruby PHSA-2017-0024 (deprecated)

An update of ncurses,openldap,libxml2,ruby packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0024. The text itself is copyright C...

OpenLDAP Zero Size PagedResultsControl Double Free Denial Of Service (CVE-2017-9287) - Ver2

A denial-of-service vulnerability exists in OpenLDAP. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

EulerOS 2.0 SP2 : openldap (EulerOS-SA-2017-1202)

According to the version of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A double-free flaw was found in the way OpenLDAP's slapd server using the MDB backend handled LDAP searches. A remote attacker with access to...

EulerOS 2.0 SP1 : openldap (EulerOS-SA-2017-1201)

According to the version of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A double-free flaw was found in the way OpenLDAP's slapd server using the MDB backend handled LDAP searches. A remote attacker with access to...

CentOS 7 : openldap (CESA-2017:1852)

An update for openldap is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Scientific Linux Security Update : openldap on SL7.x x86_64 (20170801)

The following packages have been upgraded to a later upstream version: openldap 2.4.44. Security Fixes : - A double-free flaw was found in the way OpenLDAP's slapd server using the MDB backend handled LDAP searches. A remote attacker with access to search the directory could potentially use this...

openSUSE Security Update : openldap2 (openSUSE-2017-936)

This update for openldap2 fixes the following issues : - Let OpenLDAP read system wide certificate directory by default and avoid hiding the error if user specified CA location cannot be read boo1009470. - Fix CVE-2017-9287: openldap2: Double free vulnerability with patch boo1041764 - Fix an...

openldap security, bug fix, and enhancement update

2.4.44-5 - fix CVE-2017-9287 openldap: Double free vulnerability in servers/slapd/back-mdb/search.c 1458210 2.4.44-4 - NSS: Include some CHACHA20POLY1305 ciphers 1432907 2.4.44-3 - NSS: re-register NSSShutdown callback 1405354 2.4.44-2 - Include MDB tools in openldap-servers 1428740 2.4.44-1 -...

RedHat Update for openldap RHSA-2017:1852-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: openldap security, bug fix, and enhancement update

An update for openldap is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

SUSE-SU-2017:1567-1 Security update for openldap2

This update for openldap2 fixes the following issues: Security issues fixed: - CVE-2017-9287: A double free vulnerability in the mdb backend during search with page size 0 was fixed bsc1041764 Non security bugs fixed: - Let OpenLDAP read system-wide certificates by default and don't hide the erro...

OpenLDAP ldapsearch pagesize Double Free Denial of Service (CVE-2017-9287)

A double free vulnerability exists in the ldapsearch function of OpenLDAP. The vulnerability is due to improper handling of ldapsearch queries with a pagesize of 0. A remote attacker can exploit this vulnerability by sending a crafted query to he target OpenLDAP server...

Debian DSA-3868-1 : openldap - security update

Karsten Heymann discovered that the OpenLDAP directory server can be crashed by performing a paged search with a page size of 0, resulting in denial of service. This vulnerability is limited to the MDB storage backend. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...