[SRU] denial of service via an LDAP search query (CVE-2012-1164, CVE-2013-4449, CVE-2015-1545)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openldap (Debian) |
Fix Released
|
Unknown
|
|||
openldap (Ubuntu) |
Fix Released
|
High
|
Felipe Reyes | ||
Precise |
Fix Released
|
High
|
Felipe Reyes | ||
Trusty |
Fix Released
|
Undecided
|
Felipe Reyes | ||
Utopic |
Fix Released
|
Undecided
|
Felipe Reyes | ||
Vivid |
Fix Released
|
Undecided
|
Felipe Reyes |
Bug Description
[Impact]
* CVE-2012-1164:
- slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned.
- Trusty ships 2.4.31 which comes with a fix for this.
* CVE-2013-4449
- The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search.
- This bug affects all the series (precise, trusty, utopic, vivid and wily)
* CVE-2015-1545
- The deref_parseCtrl function in servers/
- This bug affects all the series (precise, trusty, utopic, vivid and wily)
[Regression Potential]
* this set of patches adds validations to avoid segfaults, so no regression is expected.
[Other Info]
* CVE-2012-1164:
- Upstream bug report http://
- http://
- Patches backported:
- http://
- http://
- http://
* CVE-2013-4449
- Upstream bug report http://
- Patches backported:
- http://
* CVE-2015-1545
- Upstream bug report http://
- Patches backported:
- http://
Changed in openldap (Ubuntu): | |
assignee: | nobody → Felipe Reyes (freyes) |
Changed in openldap (Debian): | |
status: | Unknown → Fix Released |
description: | updated |
summary: |
- denial of service via an LDAP search query with attrsOnly set to true - (CVE-2012-1164) + [SRU] denial of service via an LDAP search query with attrsOnly set to + true (CVE-2012-1164) |
description: | updated |
tags: | removed: patch |
summary: |
- [SRU] denial of service via an LDAP search query with attrsOnly set to - true (CVE-2012-1164) + [SRU] denial of service via an LDAP search query (CVE-2012-1164, + CVE-2013-4449, CVE-2015-1545) |
Changed in openldap (Ubuntu Precise): | |
assignee: | nobody → Felipe Reyes (freyes) |
Changed in openldap (Ubuntu Trusty): | |
assignee: | nobody → Felipe Reyes (freyes) |
Changed in openldap (Ubuntu Utopic): | |
assignee: | nobody → Felipe Reyes (freyes) |
Changed in openldap (Ubuntu Vivid): | |
assignee: | nobody → Felipe Reyes (freyes) |
The attachment "lp1446809_ precise. debdiff" seems to be a debdiff. The ubuntu-sponsors team has been subscribed to the bug report so that they can review and hopefully sponsor the debdiff. If the attachment isn't a patch, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are member of the ~ubuntu-sponsors, unsubscribe the team.
[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issue please contact him.]