Oracle Linux 7 : openldap (ELSA-2021-1389)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1389 advisory. 2.4.44-23 - Fix CVE-2020-25692 openldap: NULL pointer dereference for unauthenticated packet in slapd 1895328 Tenable has extracted the preceding description...

CVE-2020-25692

A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service...