[CVE-2007-5708] openldap 2.3

Bug #162162 reported by Stephan Rügamer
Affects | Status | Importance | Assigned to | Milestone
openldap2.2 (Ubuntu) | Invalid | Undecided | Jamie Strandboge |
  Nominated for Feisty by Stephan Rügamer
  Nominated for Gutsy by Stephan Rügamer
openldap2.3 (Ubuntu) | Fix Released | Undecided | Stephan Rügamer |
  Nominated for Feisty by Stephan Rügamer
  Nominated for Gutsy by Stephan Rügamer

Bug Description

Dear Colleagues,

openldap2.3 in feisty and gutsy is exploitable:

From http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5708:

slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated.

Please find attached debdiffs for feisty and gutsy. For dapper and edgy (openldap2.2) I need to check for patches.

Regards,

\sh
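
The bug class named in the CVE text above, as an added C example that is not part of the original report and is not OpenLDAP's pcache.c: a NULL-terminated pointer array stays terminated after a partial fill only if the allocation was zeroed. All function names and the sample attribute names are hypothetical; stale malloc contents are simulated with a marker so the behaviour is deterministic.

```c
#include <stddef.h>
#include <stdlib.h>

/* Constructed marker standing in for whatever bytes malloc hands back. */
static char STALE[] = "stale";

/* Models a malloc-style allocation: slots hold leftover non-NULL values.
 * (Reading truly uninitialized memory is undefined, so it is simulated.) */
char **alloc_uncleared(size_t slots)
{
    char **a = malloc(slots * sizeof *a);
    if (a != NULL)
        for (size_t i = 0; i < slots; i++)
            a[i] = STALE;
    return a;
}

/* calloc zero-fills; on mainstream platforms all-zero bytes are NULL. */
char **alloc_cleared(size_t slots)
{
    return calloc(slots, sizeof(char *));
}

/* Stores n entries and relies on the allocator for the terminator. */
void fill(char **arr, char *const *src, size_t n)
{
    for (size_t i = 0; i < n; i++)
        arr[i] = src[i];
}

/* Bounded walk: entry count, or -1 when no NULL lies inside the allocation
 * (the point where an unbounded walk would read out of bounds). */
int count_entries(char *const *arr, size_t slots)
{
    for (size_t i = 0; i < slots; i++)
        if (arr[i] == NULL)
            return (int)i;
    return -1;
}

/* Fills 2 of 4 slots, then walks the array. */
int demo(int use_calloc)
{
    char *names[] = { "cn", "mail" };   /* constructed sample input */
    char **arr = use_calloc ? alloc_cleared(4) : alloc_uncleared(4);
    if (arr == NULL)
        return -2;
    fill(arr, names, 2);
    int n = count_entries(arr, 4);
    free(arr);
    return n;
}
```

With the zeroed allocation the walk stops after the two stored entries; with the uncleared one no terminator is found inside the allocation, which is the condition the CVE associates with a segmentation fault.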

Stephan Rügamer (sruegamer) wrote :

CVE-2007-5707 is also hanging...

I'll provide updated debdiffs...

Stephan Rügamer (sruegamer) wrote :

see #163740 for debdiffs for 2007-5707 for dapper and edgy

Changed in openldap2.3:
assignee: nobody → shermann
status: New → In Progress
Changed in openldap2.2:
assignee: nobody → jamie-strandboge
status: New → In Progress
Changed in openldap2.3:
status: In Progress → Fix Released
Changed in openldap2.2:
status: In Progress → Fix Released
status: Fix Released → Invalid
This report contains Public Security information  
Everyone can see this security related information.
