Lucene search
UbuntuUSN-634-1HistoryAug 01, 2008 - 12:00 a.m.
OpenLDAP vulnerability
2008-08-0100:00:00
ubuntu.com
29
6.2 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.823 High
EPSS
Percentile
98.4%
Releases
- Ubuntu 8.04
- Ubuntu 7.10
- Ubuntu 7.04
- Ubuntu 6.06
Packages
- openldap2.2 -
- openldap2.3 -
Details
Cameron Hotchkies discovered that OpenLDAP did not correctly handle
certain ASN.1 BER data. A remote attacker could send a specially crafted
packet and crash slapd, leading to a denial of service.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 8.04 | noarch | slapd | < 2.4.9-0ubuntu0.8.04.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | ldap-utils | < 2.4.9-0ubuntu0.8.04.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libldap-2.4-2 | < 2.4.9-0ubuntu0.8.04.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libldap-2.4-2-dbg | < 2.4.9-0ubuntu0.8.04.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libldap2-dev | < 2.4.9-0ubuntu0.8.04.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | slapd-dbg | < 2.4.9-0ubuntu0.8.04.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | slapd | < 2.3.35-1ubuntu0.3 | UNKNOWN |
| Ubuntu | 7.10 | noarch | ldap-utils | < 2.3.35-1ubuntu0.3 | UNKNOWN |
| Ubuntu | 7.10 | noarch | libldap-2.3-0 | < 2.3.35-1ubuntu0.3 | UNKNOWN |
| Ubuntu | 7.04 | noarch | slapd | < 2.3.30-2ubuntu0.3 | UNKNOWN |
References
Related
nessus
nessus
Debian DSA-1650-1 : openldap2.3 - denial of service
2008-10-13 00:00:00
GLSA-200808-09 : OpenLDAP: Denial of Service vulnerability
2008-08-10 00:00:00
Oracle Linux 4 / 5 : openldap (ELSA-2008-0583)
2013-07-12 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200808-09 (openldap)
2008-09-24 00:00:00
CentOS Update for compat-openldap CESA-2008:0583 centos4 x86_64
2009-02-27 00:00:00
Fedora Update for openldap FEDORA-2008-6062
2009-02-17 00:00:00
debiancve
debiancve
CVE-2008-2952
2008-07-01 21:41:00
centos
centos
compat, openldap security update
2008-07-09 16:17:29
checkpoint_advisories
checkpoint_advisories
OpenLDAP ber_get_next BER Decoding Denial of Service
2008-10-10 00:00:00
OpenLDAP BER Decoding Denial of Service (CVE-2008-2952)
2010-03-24 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: openldap-2.4.8-6.fc9
2008-07-03 03:17:22
[SECURITY] Fedora 8 Update: openldap-2.3.39-4.fc8
2008-07-03 03:15:35
redhat
redhat
(RHSA-2008:0583) Important: openldap security update
2008-07-09 00:00:00
osv
osv
openldap2.3 - denial of service
2008-10-12 00:00:00
gentoo
gentoo
OpenLDAP: Denial of Service vulnerability
2008-08-08 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package openldap2.4 version 2.3.41-alt2
2008-07-02 00:00:00
securityvulns
securityvulns
[USN-634-1] OpenLDAP vulnerability
2008-08-03 00:00:00
OpenLDAP slapd DoS
2008-08-03 00:00:00
zdi
zdi
OpenLDAP BER Decoding Remote DoS Vulnerability
2008-08-14 00:00:00
debian
debian
[SECURITY] [DSA 1650-1] New openldap2.3 packags fix denial of service
2008-10-12 09:35:44
prion
prion
Code injection
2008-07-01 21:41:00
cve
cve
CVE-2008-2952
2008-07-01 21:41:00
oraclelinux
oraclelinux
openldap security update
2008-07-09 00:00:00
ubuntucve
ubuntucve
CVE-2008-2952
2008-07-01 00:00:00
6.2 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.823 High
EPSS
Percentile
98.4%
Related for USN-634-1