Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2007-5708 (GCVE-0-2007-5708)
Vulnerability from cvelistv5 – Published: 2007-10-30 23:00 – Updated: 2024-08-07 15:39
VLAI?
EPSS
Summary
slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27683",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27683"
},
{
"name": "MDVSA-2008:058",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058"
},
{
"name": "29461",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29461"
},
{
"name": "29225",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29225"
},
{
"name": "29682",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29682"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5163"
},
{
"name": "27756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27756"
},
{
"name": "GLSA-200803-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200803-28.xml"
},
{
"name": "DSA-1541",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1541"
},
{
"name": "SUSE-SR:2007:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
},
{
"name": "[openldap-announce] 20071026 OpenLDAP 2.3.39 available",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openldap.org/lists/openldap-announce/200710/msg00001.html"
},
{
"name": "27424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27424"
},
{
"name": "USN-551-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-551-1"
},
{
"name": "ADV-2007-3645",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3645"
},
{
"name": "26245",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26245"
},
{
"name": "FEDORA-2007-741",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-November/msg00460.html"
},
{
"name": "27868",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27868"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-07T04:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-23T00:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "27683",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27683"
},
{
"name": "MDVSA-2008:058",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058"
},
{
"name": "29461",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29461"
},
{
"name": "29225",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29225"
},
{
"name": "29682",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29682"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5163"
},
{
"name": "27756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27756"
},
{
"name": "GLSA-200803-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200803-28.xml"
},
{
"name": "DSA-1541",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1541"
},
{
"name": "SUSE-SR:2007:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
},
{
"name": "[openldap-announce] 20071026 OpenLDAP 2.3.39 available",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openldap.org/lists/openldap-announce/200710/msg00001.html"
},
{
"name": "27424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27424"
},
{
"name": "USN-551-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-551-1"
},
{
"name": "ADV-2007-3645",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3645"
},
{
"name": "26245",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26245"
},
{
"name": "FEDORA-2007-741",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-November/msg00460.html"
},
{
"name": "27868",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27868"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-5708",
"datePublished": "2007-10-30T23:00:00.000Z",
"dateReserved": "2007-10-30T04:00:00.000Z",
"dateUpdated": "2024-08-07T15:39:13.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GHSA-G9PH-57WJ-HFCF
Vulnerability from github – Published: 2022-05-01 18:36 – Updated: 2022-05-01 18:36
VLAI?
Details
slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated.
{
"affected": [],
"aliases": [
"CVE-2007-5708"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2007-10-30T19:46:00Z",
"severity": "HIGH"
},
"details": "slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated.",
"id": "GHSA-g9ph-57wj-hfcf",
"modified": "2022-05-01T18:36:07Z",
"published": "2022-05-01T18:36:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-5708"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/27424"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/27683"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/27756"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/27868"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/29225"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/29461"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/29682"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-200803-28.xml"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2008/dsa-1541"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058"
},
{
"type": "WEB",
"url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
},
{
"type": "WEB",
"url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5163"
},
{
"type": "WEB",
"url": "http://www.openldap.org/lists/openldap-announce/200710/msg00001.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-November/msg00460.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/26245"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/usn-551-1"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2007/3645"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2007-5708
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2007-5708",
"description": "slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated.",
"id": "GSD-2007-5708",
"references": [
"https://www.suse.com/security/cve/CVE-2007-5708.html",
"https://www.debian.org/security/2008/dsa-1541"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2007-5708"
],
"details": "slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated.",
"id": "GSD-2007-5708",
"modified": "2023-12-13T01:21:41.054272Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-5708",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://secunia.com/advisories/27424",
"refsource": "MISC",
"url": "http://secunia.com/advisories/27424"
},
{
"name": "http://secunia.com/advisories/27683",
"refsource": "MISC",
"url": "http://secunia.com/advisories/27683"
},
{
"name": "http://secunia.com/advisories/27756",
"refsource": "MISC",
"url": "http://secunia.com/advisories/27756"
},
{
"name": "http://secunia.com/advisories/27868",
"refsource": "MISC",
"url": "http://secunia.com/advisories/27868"
},
{
"name": "http://secunia.com/advisories/29461",
"refsource": "MISC",
"url": "http://secunia.com/advisories/29461"
},
{
"name": "http://secunia.com/advisories/29682",
"refsource": "MISC",
"url": "http://secunia.com/advisories/29682"
},
{
"name": "http://security.gentoo.org/glsa/glsa-200803-28.xml",
"refsource": "MISC",
"url": "http://security.gentoo.org/glsa/glsa-200803-28.xml"
},
{
"name": "http://www.debian.org/security/2008/dsa-1541",
"refsource": "MISC",
"url": "http://www.debian.org/security/2008/dsa-1541"
},
{
"name": "http://www.novell.com/linux/security/advisories/2007_24_sr.html",
"refsource": "MISC",
"url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
},
{
"name": "http://www.openldap.org/lists/openldap-announce/200710/msg00001.html",
"refsource": "MISC",
"url": "http://www.openldap.org/lists/openldap-announce/200710/msg00001.html"
},
{
"name": "http://www.redhat.com/archives/fedora-package-announce/2007-November/msg00460.html",
"refsource": "MISC",
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-November/msg00460.html"
},
{
"name": "http://www.securityfocus.com/bid/26245",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/26245"
},
{
"name": "http://www.ubuntu.com/usn/usn-551-1",
"refsource": "MISC",
"url": "http://www.ubuntu.com/usn/usn-551-1"
},
{
"name": "http://www.vupen.com/english/advisories/2007/3645",
"refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2007/3645"
},
{
"name": "http://secunia.com/advisories/29225",
"refsource": "MISC",
"url": "http://secunia.com/advisories/29225"
},
{
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058",
"refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058"
},
{
"name": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5163",
"refsource": "MISC",
"url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5163"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.11_11s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.11_11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1_.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.3.28_e1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.29_rev_1.134:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.3.27_2.20061018:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.3.28_20061022:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.11_9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.1.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.28_r2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.2.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.3.28_2.20061022:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-5708"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5163",
"refsource": "MISC",
"tags": [],
"url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5163"
},
{
"name": "[openldap-announce] 20071026 OpenLDAP 2.3.39 available",
"refsource": "MLIST",
"tags": [
"Patch"
],
"url": "http://www.openldap.org/lists/openldap-announce/200710/msg00001.html"
},
{
"name": "27424",
"refsource": "SECUNIA",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27424"
},
{
"name": "FEDORA-2007-741",
"refsource": "FEDORA",
"tags": [],
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-November/msg00460.html"
},
{
"name": "SUSE-SR:2007:024",
"refsource": "SUSE",
"tags": [],
"url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
},
{
"name": "USN-551-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/usn-551-1"
},
{
"name": "27683",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27683"
},
{
"name": "27868",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27868"
},
{
"name": "27756",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27756"
},
{
"name": "MDVSA-2008:058",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058"
},
{
"name": "29225",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29225"
},
{
"name": "GLSA-200803-28",
"refsource": "GENTOO",
"tags": [],
"url": "http://security.gentoo.org/glsa/glsa-200803-28.xml"
},
{
"name": "29461",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29461"
},
{
"name": "DSA-1541",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2008/dsa-1541"
},
{
"name": "29682",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29682"
},
{
"name": "ADV-2007-3645",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3645"
},
{
"name": "26245",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/26245"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2011-03-07T05:00Z",
"publishedDate": "2007-10-30T19:46Z"
}
}
}
FKIE_CVE-2007-5708
Vulnerability from fkie_nvd - Published: 2007-10-30 19:46 - Updated: 2025-04-09 00:30
Severity ?
Summary
slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | http://secunia.com/advisories/27424 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/27683 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/27756 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/27868 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/29225 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/29461 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/29682 | Vendor Advisory | |
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-200803-28.xml | ||
| secalert@redhat.com | http://www.debian.org/security/2008/dsa-1541 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2008:058 | ||
| secalert@redhat.com | http://www.novell.com/linux/security/advisories/2007_24_sr.html | ||
| secalert@redhat.com | http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5163 | ||
| secalert@redhat.com | http://www.openldap.org/lists/openldap-announce/200710/msg00001.html | Patch | |
| secalert@redhat.com | http://www.redhat.com/archives/fedora-package-announce/2007-November/msg00460.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/26245 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/usn-551-1 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2007/3645 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27424 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27683 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27756 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27868 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29225 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29461 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29682 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200803-28.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1541 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2008:058 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2007_24_sr.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5163 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openldap.org/lists/openldap-announce/200710/msg00001.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/archives/fedora-package-announce/2007-November/msg00460.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/26245 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-551-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/3645 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openldap | openldap | 1.0 | |
| openldap | openldap | 1.0.1 | |
| openldap | openldap | 1.0.2 | |
| openldap | openldap | 1.0.3 | |
| openldap | openldap | 1.1 | |
| openldap | openldap | 1.1.0 | |
| openldap | openldap | 1.1.1 | |
| openldap | openldap | 1.1.2 | |
| openldap | openldap | 1.1.3 | |
| openldap | openldap | 1.1.4 | |
| openldap | openldap | 1.2 | |
| openldap | openldap | 1.2.0 | |
| openldap | openldap | 1.2.1 | |
| openldap | openldap | 1.2.2 | |
| openldap | openldap | 1.2.3 | |
| openldap | openldap | 1.2.4 | |
| openldap | openldap | 1.2.5 | |
| openldap | openldap | 1.2.6 | |
| openldap | openldap | 1.2.7 | |
| openldap | openldap | 1.2.8 | |
| openldap | openldap | 1.2.9 | |
| openldap | openldap | 1.2.10 | |
| openldap | openldap | 1.2.11 | |
| openldap | openldap | 1.2.12 | |
| openldap | openldap | 1.2.13 | |
| openldap | openldap | 2.0 | |
| openldap | openldap | 2.0.0 | |
| openldap | openldap | 2.0.1 | |
| openldap | openldap | 2.0.2 | |
| openldap | openldap | 2.0.3 | |
| openldap | openldap | 2.0.4 | |
| openldap | openldap | 2.0.5 | |
| openldap | openldap | 2.0.6 | |
| openldap | openldap | 2.0.7 | |
| openldap | openldap | 2.0.8 | |
| openldap | openldap | 2.0.9 | |
| openldap | openldap | 2.0.10 | |
| openldap | openldap | 2.0.11 | |
| openldap | openldap | 2.0.11_9 | |
| openldap | openldap | 2.0.11_11 | |
| openldap | openldap | 2.0.11_11s | |
| openldap | openldap | 2.0.12 | |
| openldap | openldap | 2.0.13 | |
| openldap | openldap | 2.0.14 | |
| openldap | openldap | 2.0.15 | |
| openldap | openldap | 2.0.16 | |
| openldap | openldap | 2.0.17 | |
| openldap | openldap | 2.0.18 | |
| openldap | openldap | 2.0.19 | |
| openldap | openldap | 2.0.20 | |
| openldap | openldap | 2.0.21 | |
| openldap | openldap | 2.0.22 | |
| openldap | openldap | 2.0.23 | |
| openldap | openldap | 2.0.24 | |
| openldap | openldap | 2.0.25 | |
| openldap | openldap | 2.0.26 | |
| openldap | openldap | 2.0.27 | |
| openldap | openldap | 2.1.2 | |
| openldap | openldap | 2.1.3 | |
| openldap | openldap | 2.1.4 | |
| openldap | openldap | 2.1.5 | |
| openldap | openldap | 2.1.6 | |
| openldap | openldap | 2.1.7 | |
| openldap | openldap | 2.1.8 | |
| openldap | openldap | 2.1.9 | |
| openldap | openldap | 2.1.10 | |
| openldap | openldap | 2.1.11 | |
| openldap | openldap | 2.1.12 | |
| openldap | openldap | 2.1.13 | |
| openldap | openldap | 2.1.14 | |
| openldap | openldap | 2.1.15 | |
| openldap | openldap | 2.1.16 | |
| openldap | openldap | 2.1.17 | |
| openldap | openldap | 2.1.18 | |
| openldap | openldap | 2.1.19 | |
| openldap | openldap | 2.1.20 | |
| openldap | openldap | 2.1.21 | |
| openldap | openldap | 2.1.22 | |
| openldap | openldap | 2.1.23 | |
| openldap | openldap | 2.1.24 | |
| openldap | openldap | 2.1.25 | |
| openldap | openldap | 2.1.26 | |
| openldap | openldap | 2.1.27 | |
| openldap | openldap | 2.1.28 | |
| openldap | openldap | 2.1.29 | |
| openldap | openldap | 2.1.30 | |
| openldap | openldap | 2.1_.20 | |
| openldap | openldap | 2.2.0 | |
| openldap | openldap | 2.2.1 | |
| openldap | openldap | 2.2.4 | |
| openldap | openldap | 2.2.5 | |
| openldap | openldap | 2.2.6 | |
| openldap | openldap | 2.2.7 | |
| openldap | openldap | 2.2.8 | |
| openldap | openldap | 2.2.9 | |
| openldap | openldap | 2.2.10 | |
| openldap | openldap | 2.2.11 | |
| openldap | openldap | 2.2.12 | |
| openldap | openldap | 2.2.13 | |
| openldap | openldap | 2.2.14 | |
| openldap | openldap | 2.2.15 | |
| openldap | openldap | 2.2.16 | |
| openldap | openldap | 2.2.17 | |
| openldap | openldap | 2.2.18 | |
| openldap | openldap | 2.2.19 | |
| openldap | openldap | 2.2.20 | |
| openldap | openldap | 2.2.21 | |
| openldap | openldap | 2.2.22 | |
| openldap | openldap | 2.2.23 | |
| openldap | openldap | 2.2.24 | |
| openldap | openldap | 2.2.25 | |
| openldap | openldap | 2.2.26 | |
| openldap | openldap | 2.2.27 | |
| openldap | openldap | 2.2.28_r2 | |
| openldap | openldap | 2.2.29_rev_1.134 | |
| openldap | openldap | 2.3.27_2.20061018 | |
| openldap | openldap | 2.3.28_2.20061022 | |
| openldap | openldap | 2.3.28_20061022 | |
| openldap | openldap | 2.3.28_e1.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openldap:openldap:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "086DC60F-F530-4515-8F3D-87F30DB9B322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D538927-82D5-476E-9C85-2E9297316D44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2A904832-A6D6-45D4-B07C-79ED1FE47A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB554A4-EEC2-4E17-9F32-27A580B9E389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "191DB249-6A73-4561-8CCA-565D1525CB31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "423F9D3A-6AA7-4D64-B872-2C867EEFC3DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "34A5D9A5-FB1D-4ACF-846A-4DB73196122C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "41400CE6-FA51-435C-93F7-B31FE42F18AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6022ABEB-6825-4A5F-9884-74F94C2387F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D2F15789-334D-460D-B5B3-FCC71087D107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F77B1548-BB6D-4618-AE7B-E97F91A0AF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC52235-72DA-4EF4-870A-AF25181DB56C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7064C52-1211-42B8-BF1F-C22D800AED07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1CD95826-E44A-48C6-BAAB-77A905CAE6B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FEEA6BB6-41FC-4F15-A95F-9B052F062454",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E90766C1-6DBD-435C-85E1-920DAFA26D67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8CD13DAE-9588-4540-9183-FB80C507F985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "526366F3-52F0-4816-A356-8F39B718C048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AC07AD0D-5DF9-41A4-8592-CEFF1842355D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "30017C56-42A9-4AF9-B5B3-7357E424F837",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A51F38-3F5A-4F6D-93EE-776B5C2FF48F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8DBEC27E-3220-42CE-B6CC-675F387CB506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E641DFFB-CBAF-4DCF-944F-443CFF836A53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A552E270-5C9C-40DC-B23D-97C8D995B8FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "53DF812C-E1F8-46D3-A072-3FBE696ADC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "552F2E25-DDB8-49A6-844A-8520696DBE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "149EBFB7-B58F-4557-8E46-6DF88BB5E57E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "03D75A36-41C4-464F-8DC4-42C841ABC087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C3EE919-D05C-4625-85FE-132F6F2B932C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "20D99A58-8D7E-4586-A9BF-1DD2A1DBB8D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DEBA0118-545E-4D7B-B819-34D157B2BA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "67826609-F4CA-42CB-A5D0-B4503DDE2C92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "61676BBD-95B8-44C9-BD66-79F00381BF86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "719A9B1D-8E32-461F-BCD4-F72C6AD3E63E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD73969-39F8-4849-AF6A-15ACDC2E4537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DB8C1DD2-865A-4CF2-8137-3C40C01C9EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EE38B045-2224-43D1-8618-0885505865C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "5D26DAC5-EDBD-42D8-A877-1E6EA666D72B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.11_9:*:*:*:*:*:*:*",
"matchCriteriaId": "E7AE325E-514C-40A1-AA56-D605377B5D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.11_11:*:*:*:*:*:*:*",
"matchCriteriaId": "19397A11-E549-4F31-8007-8D5F3C0AABB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.11_11s:*:*:*:*:*:*:*",
"matchCriteriaId": "1C659213-271D-4F22-AE14-A1646A612D2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "67B0A2B6-C560-4AE0-BC79-3C7BC9163EE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "566406CE-368A-4799-A112-E5DFC5B333D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E5CCC734-C15B-4D2B-BF83-F214F807C44E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "64796893-A90D-4B7D-BDBC-0087B57AF7E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "39914C6A-F4DB-43CC-B2B6-097365E55D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "5BFDD8F7-AAFD-453F-99A4-F9C0424EA791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "0BFEEAA6-0B50-4644-A183-F5FEE7BD7EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "920FC1DB-95E2-4367-BF20-77D75BD7617D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "28E643F8-005A-4170-8275-8E4AB5C25209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A34C63-C17D-4026-B409-AA9A56529B87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA863B0-A6AB-44BD-84E8-B6C885EFFE10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "24BFAEC7-6256-4B8F-83F5-60FBD1571936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "83227371-ACC3-4217-BFF9-0A3AAADD50DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "734B8101-BEAC-40AB-81EA-2516CA20BC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "F0BD5253-FBC9-4384-8FC3-4E384582BE91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "AA73658A-8834-4EC2-8D8F-3A7D1C834669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "06BCE98E-546C-4852-BAE2-CF525A778B48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "94284C78-255E-43B7-A33E-FBC25BABEA2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4B298BAA-5584-4193-A3DB-31FBB0BD12B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "90604A40-A1F5-4F23-9B8C-472E8C794B59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1418EC80-2F42-4C1B-BA38-CA5BDEF83F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9BC65FE9-348D-4468-A1EF-2AC5C673DB07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3A400A0-B9D7-4CB2-82EA-49A599C2B30B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "65587514-46AB-4D70-B7C2-FBED7F78D13D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7951BAAB-CB06-4F19-891A-E07E2B3C8701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "82EC30A1-4150-44DC-89F7-5A64B8CC4A84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF04D97-A561-427B-9891-A1423B86F164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1E74B0C8-2D64-4BF2-B152-87909E3029EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "88F6CA0B-ED91-4085-8EE0-1F4256747621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B90657E7-D651-4E1E-8035-13A1F024E3C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "7BBE5477-BE27-412A-9BA9-9690F746B4F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "31300FA3-C57D-4564-927E-B06C0229BE8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "342E414D-8ED6-4E5A-88F0-57B5846A3EB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "7C0BD0FD-BD80-4197-8479-BBB070DAB890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FC9CA4EF-61F1-407B-B2BF-B4AFD68F50BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "EB80C814-5B28-46CC-8237-70A558BF049C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "832AC063-6004-4A78-A964-45906361F9C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C40DFD-4FB8-40AA-ABA4-194DED1241A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.24:*:*:*:*:*:*:*",
"matchCriteriaId": "992733F2-000F-4E27-8D19-AF18543E57BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.25:*:*:*:*:*:*:*",
"matchCriteriaId": "B36E0E49-D908-4A19-A621-6E7FB3E59A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.26:*:*:*:*:*:*:*",
"matchCriteriaId": "74779CA2-6741-4053-8C23-98A1F938B264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.27:*:*:*:*:*:*:*",
"matchCriteriaId": "930DAA18-113F-42B0-8382-8579575D238F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.28:*:*:*:*:*:*:*",
"matchCriteriaId": "98F50353-EBFB-4DE5-8D35-80C672A12E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.29:*:*:*:*:*:*:*",
"matchCriteriaId": "18A4F43F-8E4F-4203-B640-02BBB28052A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.30:*:*:*:*:*:*:*",
"matchCriteriaId": "28063C54-EE5E-44EC-8D47-E880C2BB45BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1_.20:*:*:*:*:*:*:*",
"matchCriteriaId": "E8BCFC49-6505-4713-A06C-A64782A34414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BAE01BA8-416B-4419-99E5-81C1FA404FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2F45B8-B9FB-4D43-B2DD-98413F5F2B85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F611094-500A-4306-8C15-4878135FA45D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "32096DE5-3F2C-4FF7-BDC6-E316DFDC97A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE197F27-CB34-4B0E-A30A-C9C87295AAD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "10A4256F-EC89-425F-86FD-B0DE243EBF2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4A34127E-507D-4F72-9F93-B23F91DB0F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B7A2D5D9-3E7E-4420-A338-B05A8C077229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C76EF100-3328-4C70-A123-50A4ECFF539E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1DCE7803-E652-4A17-8EEB-B91C81CF48E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5CB439-5F0B-40CF-8564-6875CAC74FCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5E524E-1B71-46B5-A14E-C2342851C0FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "FE103338-9AE7-4230-A8B2-09273004B4D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "12621DED-ABF1-47A7-961C-E6DE1F6302AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "C8026929-4845-46E4-A6F8-E60CA498201B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "DE01BD68-D6DC-4220-A3F0-71961CEA205F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "68DE3F16-E171-4FA3-9B00-3F944A4E7604",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "63F7B718-0E5C-4900-A5DE-D59D37EC79D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8805A0-F543-450D-82E9-EE923904E2A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "58779045-578C-41D5-9CAE-D6F48C91654C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "969F18EF-067A-47BA-9DC4-9FA69D9DCBB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E12766AB-2AFE-4BBD-8B80-8BEA932ABDFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.24:*:*:*:*:*:*:*",
"matchCriteriaId": "6C2C7514-8BB4-4B8A-A5AF-D4A26B232597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.25:*:*:*:*:*:*:*",
"matchCriteriaId": "64C0AB94-ED91-4218-8F97-862BA57D1CC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FF5C05-0A64-416C-8346-EE5FF4AA14F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.27:*:*:*:*:*:*:*",
"matchCriteriaId": "5C081128-2846-4257-B822-10AADE54899D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.28_r2:*:*:*:*:*:*:*",
"matchCriteriaId": "45FF1704-80C6-439E-B145-7F5B14B62E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.29_rev_1.134:*:*:*:*:*:*:*",
"matchCriteriaId": "7D92C2EA-951D-485B-8653-528926E55557",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.27_2.20061018:*:*:*:*:*:*:*",
"matchCriteriaId": "548AE94B-CFF5-4416-812B-B1F60C2799F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.28_2.20061022:*:*:*:*:*:*:*",
"matchCriteriaId": "55399875-38F4-486B-88F2-E17F00C901CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.28_20061022:*:*:*:*:*:*:*",
"matchCriteriaId": "8971D9E4-C4B7-4DFF-B20D-0520D484E692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.28_e1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "86033CDB-D9A3-4872-9FF7-789F2332923B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated."
},
{
"lang": "es",
"value": "slapo-pcache (overlays/pcache.c) en slapd en OpenLDAP versiones anteriores a 2.3.39, cuando es ejecutado como un servidor de almacenamiento en cach\u00e9 de proxy, asigna memoria mediante una variante malloc en lugar de calloc, lo que impide que una matriz se inicialice apropiadamente y podr\u00eda permitir a atacantes causar una denegaci\u00f3n de servicio (fallo de segmentaci\u00f3n) por medio de vectores de ataque desconocidos que impiden que la matriz sea terminada en null."
}
],
"id": "CVE-2007-5708",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-30T19:46:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27424"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27683"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27756"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27868"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29225"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29461"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29682"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-200803-28.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2008/dsa-1541"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5163"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.openldap.org/lists/openldap-announce/200710/msg00001.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-November/msg00460.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/26245"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/usn-551-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27683"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27868"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29682"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200803-28.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2008/dsa-1541"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openldap.org/lists/openldap-announce/200710/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-November/msg00460.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-551-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3645"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "Not vulnerable. This issue did not affect the versions of OpenLDAP as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.",
"lastModified": "2007-11-01T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTA-2007-AVI-460
Vulnerability from certfr_avis - Published: 2007-10-29 - Updated: 2007-10-29
Plusieurs vulnérabilités permettent à un utilisateur malveillant de provoquer un déni de service à distance.
Description
Plusieurs vulnérabilités affectent OpenLDAP :
- la fonction add_filter_attrs() ne gère pas correctement la fin de certaines chaînes de caractères. Ce défaut permet à un utilisateur malveillant de provoquer un déni de service à distance par épuisement de la mémoire ;
- les données entrées par l'utilisateur pour l'attribut objectClasses ne sont pas normalisées de manière assez stricte. Ceci permet à un utilisateur malveillant de provoquer un arrêt inopiné du serveur, à distance.
Solution
La version 2.3.39 corrige ces problèmes. Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
OpenLDAP, versions antérieures à la version 2.3.39.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eOpenLDAP, versions ant\u00e9rieures \u00e0 la version 2.3.39.\u003c/P\u003e",
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s affectent OpenLDAP :\n\n- la fonction add_filter_attrs() ne g\u00e8re pas correctement la fin de\n certaines cha\u00eenes de caract\u00e8res. Ce d\u00e9faut permet \u00e0 un utilisateur\n malveillant de provoquer un d\u00e9ni de service \u00e0 distance par\n \u00e9puisement de la m\u00e9moire ;\n- les donn\u00e9es entr\u00e9es par l\u0027utilisateur pour l\u0027attribut objectClasses\n ne sont pas normalis\u00e9es de mani\u00e8re assez stricte. Ceci permet \u00e0 un\n utilisateur malveillant de provoquer un arr\u00eat inopin\u00e9 du serveur, \u00e0\n distance.\n\n## Solution\n\nLa version 2.3.39 corrige ces probl\u00e8mes. Se r\u00e9f\u00e9rer au bulletin de\ns\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section\nDocumentation).\n",
"cves": [
{
"name": "CVE-2007-5708",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5708"
},
{
"name": "CVE-2007-5707",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5707"
}
],
"initial_release_date": "2007-10-29T00:00:00",
"last_revision_date": "2007-10-29T00:00:00",
"links": [
{
"title": "Site du projet OpenLDAP :",
"url": "http://www.openldap.org/software/release/changes.html"
},
{
"title": "Site de t\u00e9l\u00e9chargement du projet OpenLDAP :",
"url": "http://www.openldap.org/software/download/"
}
],
"reference": "CERTA-2007-AVI-460",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2007-10-29T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s permettent \u00e0 un utilisateur malveillant de\nprovoquer un d\u00e9ni de service \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans OpenLDAP",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de r\u00e9vision 2.3.39 d\u0027OpenLDAP",
"url": null
}
]
}
CERTA-2008-AVI-081
Vulnerability from certfr_avis - Published: 2008-02-13 - Updated: 2008-02-13
Une vulnérabilité dans OpenLDAP permet à un utilisateur malveillant d'exécuter du code arbitraire à distance.
Description
La fonction modrdn sert à modifier les noms relatifs (RDN ou Relative Distinguished Name). Une erreur dans cette fonction est exploitable par un utilisateur malveillant pour exécuter du code arbitraire à distance sur un serveur vulnérable.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
OpenLDAP, versions 2.3.x.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cSPAN class=\"textit\"\u003eOpenLDAP\u003c/SPAN\u003e, versions 2.3.x.",
"content": "## Description\n\nLa fonction modrdn sert \u00e0 modifier les noms relatifs (RDN ou Relative\nDistinguished Name). Une erreur dans cette fonction est exploitable par\nun utilisateur malveillant pour ex\u00e9cuter du code arbitraire \u00e0 distance\nsur un serveur vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2007-5708",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5708"
},
{
"name": "CVE-2007-6698",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-6698"
},
{
"name": "CVE-2007-5707",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5707"
},
{
"name": "CVE-2008-0658",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0658"
}
],
"initial_release_date": "2008-02-13T00:00:00",
"last_revision_date": "2008-02-13T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-584-1 du 05 mars 2008 :",
"url": "http://www.ubuntulinux.org/usn/usn-584-1"
},
{
"title": "Site de t\u00e9l\u00e9chargement du projet OpenLDAP :",
"url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2008:0110-3 du 21 f\u00e9vrier 2008 :",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0110-3.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 1541-1 du 08 avril 2008 :",
"url": "http://lists.debian.org/debian-security-announce/2008/msg00111.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200803-28 du 19 mars 2008 :",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200803-28.xml"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2008:058 du 05 mars 2008 :",
"url": "http://www.mandriva.com/archives/security/advisories"
}
],
"reference": "CERTA-2008-AVI-081",
"revisions": [
{
"description": "ajout des r\u00e9f\u00e9rences Debian, Gentoo, Mandriva, Redhat, Ubuntu.",
"revision_date": "2008-02-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 dans \u003cspan class=\"textit\"\u003eOpenLDAP\u003c/span\u003e permet \u00e0 un\nutilisateur malveillant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans OpenLDAP",
"vendor_advisories": []
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…