SUSE CVE-2008-2952

liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service program termination via crafted ASN.1 BER datagrams that trigger an assertion error...

OpenLDAP Denial of Service Vulnerability (CNVD-2015-06013)

OpenLDAP is a free and open source implementation of the Lightweight Directory Access Protocol LDAP from the OpenLDAP Foundation in the United States, which is included in Linux distributions. A security vulnerability in the 'bergetnext' function in the libraries/liblber/io.c file in OpenLDAP...

DEBIAN-CVE-2015-6908

The bergetnext function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service reachable assertion and application crash via crafted BER data, as demonstrated by an attack against slapd...

SuSE9 Security Update : OpenLDAP 2 (YOU Patch Number 12222)

This update fixes a security problem in the liblber client library of openldap that allowed remote attackers to cause a denial of service program termination via crafted ASN.1 BER datagrams, which triggers an assertion error. CVE-2008-2952 Additionally a bug was fixed in ldapfreeconnection which...

openSUSE Security Update : openldap2 (openldap2-145)

This update fixes a security problem in the liblber client library of openldap that allowed remote attackers to cause a denial of service program termination via crafted ASN.1 BER datagrams, which triggers an assertion error. CVE-2008-2952 Additionally a bug was fixed in ldapfreeconnection which...

SuSE 10 Security Update : OpenLDAP 2 (ZYPP Patch Number 5511)

This update fixes a security problem in the liblber client library of openldap that allowed remote attackers to cause a denial of service program termination via crafted ASN.1 BER datagrams, which triggers an assertion error. CVE-2008-2952 Additionally a bug was fixed in ldapfreeconnection which...

openSUSE 10 Security Update : openldap2 (openldap2-5509)

This update fixes a security problem in the liblber client library of openldap that allowed remote attackers to cause a denial of service program termination via crafted ASN.1 BER datagrams, which triggers an assertion error. CVE-2008-2952 Additionally a bug was fixed in ldapfreeconnection which...

OpenLDAP denial-of-service flaw in ASN.1 decoder

liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service program termination via crafted ASN.1 BER datagrams that trigger an assertion error...

CVE-2008-2952

OpenLDAP vulnerability CVE-2008-2952 affects liblber in OpenLDAP 2.2.4–2.4.10. A remote, unauthenticated attacker can trigger a denial of service by sending crafted ASN.1 BER datagrams that cause an assertion error in io.c, leading to slapd termination. Several distributions patched this issue (e...