Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2007-5708

slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated.

Related bugs and status

CVE-2007-5708 (Candidate) is related to these bugs:

Bug #162162: [CVE-2007-5708] openldap 2.3

Summary				In	Importance	Status
	162162	[CVE-2007-5708] openldap 2.3		openldap2.3 (Ubuntu)	Undecided	Fix Released
	162162	[CVE-2007-5708] openldap 2.3		openldap2.2 (Ubuntu)	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.openldap.or...
MISC: http://www.securityfoc...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.vupen.com/e...
MISC: http://www.debian.org/...
MISC: http://www.redhat.com/...
MISC: http://security.gentoo...
MISC: http://www.mandriva.co...
MISC: http://www.novell.com/...
MISC: http://www.ubuntu.com/...
MISC: http://www.openldap.or...