5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
openldap is vulnerable to denial of service (DoS). The vulnerability exists as multiple flaws were discovered in the way the slapd daemon handled modify relative distinguished name (modrdn) requests. An authenticated user with privileges to perform modrdn operations could use these flaws to crash the slapd daemon via specially-crafted modrdn requests.
kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
kb.juniper.net/InfoCenter/index?page=content&id=JSA10735
lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
secunia.com/advisories/40639
secunia.com/advisories/40687
secunia.com/advisories/42787
security.gentoo.org/glsa/glsa-201406-36.xml
support.apple.com/kb/HT4435
www.openldap.org/its/index.cgi/Software%20Bugs?id=6570
www.redhat.com/security/updates/classification/#moderate
www.redhat.com/support/errata/RHSA-2010-0542.html
www.securityfocus.com/archive/1/515545/100/0/threaded
www.securityfocus.com/bid/41770
www.securitytracker.com/id?1024221
www.vmware.com/security/advisories/VMSA-2011-0001.html
www.vupen.com/english/advisories/2010/1849
www.vupen.com/english/advisories/2010/1858
www.vupen.com/english/advisories/2011/0025
access.redhat.com/errata/RHSA-2010:0542