SUSE CVE-2006-2754

Stack-based buffer overflow in st.c in slurpd for OpenLDAP before 2.3.22 might allow attackers to execute arbitrary code via a long hostname...

CVE-2006-2754

Stack-based buffer overflow in st.c in slurpd for OpenLDAP before 2.3.22 might allow attackers to execute arbitrary code via a long hostname...

Fedora 14 : openldap-2.4.23-10.fc14 (2011-3627)

Changes not covered by bugs : - removed slurpd options from sysconfig/ldap - fix: possible NULL pointer dereference in NSS implementation Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

Fedora 7 : openldap-2.3.34-7.fc7 (2008-1616)

Fri Feb 8 2008 Jan Safranek 2.3.34-7 - fix CVE-2008-0658 432012 - Tue Feb 5 2008 Jan Safranek 2.3.34-6 - fix CVE-2007-6698 431409 - Mon Jan 14 2008 Jan Safranek 2.3.34-5 - fix default slurpd directory to /var/lib/ldap 424831 - Fri Nov 2 2007 Jan Safranek 2.3.34-4 - fix various security flaws...

Fedora 8 : openldap-2.3.39-3.fc8 (2008-1568)

Fri Feb 8 2008 Jan Safranek 2.3.39-2 - fix CVE-2008-0658 432013 - Mon Jan 14 2008 Jan Safranek 2.3.39-2 - fix default slurpd directory to /var/lib/ldap 424831 - Fri Nov 2 2007 Jan Safranek 2.3.39-1 - new upstream version, fixing few security flaws 362991 Note that Tenable Network Security has...

Ubuntu 5.04 / 5.10 / 6.06 LTS : openldap2, openldap2.2 vulnerability (USN-305-1)

When processing overly long host names in OpenLDAP's slurpd replication server, a buffer overflow caused slurpd to crash. If an attacker manages to inject a specially crafted host name into slurpd, this might also be exploited to execute arbitrary code with slurpd's privileges; however, since...

OpenLDAP: Buffer overflow

Background OpenLDAP is a suite of LDAP-related applications and development tools. It includes slapd the standalone LDAP server, slurpd the standalone LDAP replication server, various LDAP libraries, utilities and example clients. Description slurpd contains a buffer overflow when reading very lo...

CVE-2006-2754

Stack-based buffer overflow in st.c in slurpd for OpenLDAP before 2.3.22 might allow attackers to execute arbitrary code via a long hostname...

CVE-2006-2754

Stack-based buffer overflow in st.c in slurpd for OpenLDAP before 2.3.22 might allow attackers to execute arbitrary code via a long hostname...

CVE-2006-2754

OpenLDAP slurpd is affected by a stack-based buffer overflow in st.c when processing overly long hostnames, allowing arbitrary code execution. The vulnerability is in OpenLDAP versions prior to 2.3.22. Documents from Gentoo/SUSE advisories confirm the fixed version as 2.3.22 or newer. Remediation...