2 matches found
MGASA-2015-0374 Updated openldap package fixes security vulnerability
By sending a crafted packet, an attacker can cause the OpenLDAP daemon to crash with a SIGABRT. This is due to an assert call in the bergetnext method in a/libraries/liblber/io.c that is hit when decoding tampered BER data CVE-2015-6908...
openldap: denial of service
By sending a crafted packet, an attacker can cause the OpenLDAP daemon to crash with a SIGABRT. This is due to an assert call within the bergetnext method io.c line 682 that is hit when decoding tampered BER data. The following proof of concept exploit can be used to trigger the condition: echo...