[CVE-2007-5708] openldap 2.3
Bug #162162 reported by
Stephan Rügamer
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| openldap2.2 (Ubuntu) |
Invalid
|
Undecided
|
Jamie Strandboge | ||
| openldap2.3 (Ubuntu) |
Fix Released
|
Undecided
|
Stephan Rügamer | ||
Bug Description
Dear Colleagues,
openldap2.3 in feisty and gutsy is exploitable:
From http://
slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initiialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated.
Please find attached debdiffs for feisty and gutsy. For dapper and edgy (openldap2.2) I need to check for patches.
Regards,
\sh
Revision history for this message
| Stephan Rügamer (sruegamer) wrote | #3 |
Revision history for this message
| Stephan Rügamer (sruegamer) wrote | #4 |
Revision history for this message
| Stephan Rügamer (sruegamer) wrote | #5 |
Revision history for this message
| Stephan Rügamer (sruegamer) wrote | #6 |
| Changed in openldap2.3: | |
| assignee: | nobody → shermann |
| status: | New → In Progress |
| Changed in openldap2.2: | |
| assignee: | nobody → jamie-strandboge |
| status: | New → In Progress |
| Changed in openldap2.3: | |
| status: | In Progress → Fix Released |
| Changed in openldap2.2: | |
| status: | In Progress → Fix Released |
| status: | Fix Released → Invalid |
To post a comment you must log in.
CVE-2007-5707 is also hanging...
I'll provide updated debdiffs...