K000140040: OpenLDAP slapd vulnerabilities CVE-2020-36230, CVE-2020-36229, CVE-2017-17740, CVE-2017-9287, and CVE-2017-14159

Security Advisory Description CVE-2020-36230 A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service. CVE-2020-36229 A flaw was discovered in ldapX509dn2bv in OpenLDAP before 2.4.57...

Huawei EulerOS: Security Advisory for openldap (EulerOS-SA-2021-2895)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.6.6 : openldap (EulerOS-SA-2021-2029)

According to the versions of the openldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c...

EulerOS Virtualization for ARM 64 3.0.6.0 : openldap (EulerOS-SA-2021-2004)

According to the versions of the openldap packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the...

EulerOS 2.0 SP5 : openldap (EulerOS-SA-2021-1906)

According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via ...

EulerOS 2.0 SP3 : openldap (EulerOS-SA-2021-1824)

According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was discovered in ldapX509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in adkeystring, resulting in...

Denial Of Service (DoS)

openldap is vulnerable to denial of service. An assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement results in a denial of service condition...

Denial Of Service (DoS)

openldap is vulnerable to denial of service. The vulnerability exists due to a flaw was discovered in ldapX509dn2bv in OpenLDAP leading to a slapd crash in the X.509 DN parsing in adkeystring...

EulerOS Virtualization 2.9.1 : openldap (EulerOS-SA-2021-1719)

According to the versions of the openldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateChec...

SUSE SLED15 / SLES15 Security Update : openldap2 (SUSE-SU-2021:0723-1)

This update for openldap2 fixes the following issues : bsc1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service. bsc1182411 CVE-2020-36229 - ldapX509dn2bv crash in the X.509 DN parsing in adkeystring, resulting in...

Updated openldap packages fix security vulnerabilities

It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service CVE-2020-36221. It was discovered that OpenLDAP incorrectly handled saslAuthzTo processing. A...

USN-4724-1: OpenLDAP vulnerabilities

It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. CVE-2020-36221 It was discovered that OpenLDAP incorrectly handled saslAuthzTo processing. A...

EulerOS 2.0 SP9 : openldap (EulerOS-SA-2021-1269)

According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resultin...

EulerOS 2.0 SP9 : openldap (EulerOS-SA-2021-1250)

According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resultin...

CVE-2020-36229

A flaw was discovered in ldapX509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in adkeystring, resulting in denial of service...

CVE-2020-36229

A flaw was discovered in ldapX509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in adkeystring, resulting in denial of service...

CVE-2020-36229

A flaw was discovered in ldapX509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in adkeystring, resulting in denial of service...

CVE-2020-36230

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service...

CVE-2020-36230

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service...

Design/Logic Flaw

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service...