Vulnerability-Lookup

CVE-2008-0658 (GCVE-0-2008-0658)

Vulnerability from cvelistv5 – Published: 2008-02-13 20:00 – Updated: 2024-08-07 07:54

Summary

slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://secunia.com/advisories/29461	third-party-advisoryx_refsource_SECUNIA
	http://www.openldap.org/devel/cvsweb.cgi/servers/…	x_refsource_CONFIRM
	http://secunia.com/advisories/29225	third-party-advisoryx_refsource_SECUNIA
	http://wiki.rpath.com/Advisories:rPSA-2008-0059	x_refsource_CONFIRM
	http://secunia.com/advisories/29682	third-party-advisoryx_refsource_SECUNIA
	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059	x_refsource_CONFIRM
	http://secunia.com/advisories/29256	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/488242/100…	mailing-listx_refsource_BUGTRAQ
	http://security.gentoo.org/glsa/glsa-200803-28.xml	vendor-advisoryx_refsource_GENTOO
	http://secunia.com/advisories/29068	third-party-advisoryx_refsource_SECUNIA
	http://www.ubuntu.com/usn/usn-584-1	vendor-advisoryx_refsource_UBUNTU
	http://www.redhat.com/support/errata/RHSA-2008-01…	vendor-advisoryx_refsource_REDHAT
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://secunia.com/advisories/28953	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/28914	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2008/dsa-1541	vendor-advisoryx_refsource_DEBIAN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.openldap.org/its/index.cgi/Software%20…	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2009/3184	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/28926	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/27778	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2008/0536…	vdb-entryx_refsource_VUPEN
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://secunia.com/advisories/29957	third-party-advisoryx_refsource_SECUNIA
	http://support.apple.com/kb/HT3937	x_refsource_CONFIRM
	http://www.securitytracker.com/id?1019481	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:54:22.904Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SR:2008:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html"
          },
          {
            "name": "MDVSA-2008:058",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058"
          },
          {
            "name": "29461",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29461"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197\u0026r2=1.198\u0026f=h"
          },
          {
            "name": "29225",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29225"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0059"
          },
          {
            "name": "29682",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29682"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059"
          },
          {
            "name": "29256",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29256"
          },
          {
            "name": "20080212 rPSA-2008-0059-1 openldap openldap-clients openldap-servers",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/488242/100/200/threaded"
          },
          {
            "name": "GLSA-200803-28",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200803-28.xml"
          },
          {
            "name": "29068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29068"
          },
          {
            "name": "USN-584-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-584-1"
          },
          {
            "name": "RHSA-2008:0110",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0110.html"
          },
          {
            "name": "oval:org.mitre.oval:def:9470",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9470"
          },
          {
            "name": "28953",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28953"
          },
          {
            "name": "28914",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28914"
          },
          {
            "name": "DSA-1541",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1541"
          },
          {
            "name": "openldap-modrdn-dos(40479)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40479"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358"
          },
          {
            "name": "ADV-2009-3184",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3184"
          },
          {
            "name": "28926",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28926"
          },
          {
            "name": "27778",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/27778"
          },
          {
            "name": "ADV-2008-0536",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0536/references"
          },
          {
            "name": "APPLE-SA-2009-11-09-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
          },
          {
            "name": "29957",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29957"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3937"
          },
          {
            "name": "1019481",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019481"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-02-13T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "SUSE-SR:2008:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html"
        },
        {
          "name": "MDVSA-2008:058",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058"
        },
        {
          "name": "29461",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29461"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197\u0026r2=1.198\u0026f=h"
        },
        {
          "name": "29225",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29225"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0059"
        },
        {
          "name": "29682",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29682"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059"
        },
        {
          "name": "29256",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29256"
        },
        {
          "name": "20080212 rPSA-2008-0059-1 openldap openldap-clients openldap-servers",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/488242/100/200/threaded"
        },
        {
          "name": "GLSA-200803-28",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200803-28.xml"
        },
        {
          "name": "29068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29068"
        },
        {
          "name": "USN-584-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-584-1"
        },
        {
          "name": "RHSA-2008:0110",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0110.html"
        },
        {
          "name": "oval:org.mitre.oval:def:9470",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9470"
        },
        {
          "name": "28953",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28953"
        },
        {
          "name": "28914",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28914"
        },
        {
          "name": "DSA-1541",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1541"
        },
        {
          "name": "openldap-modrdn-dos(40479)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40479"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358"
        },
        {
          "name": "ADV-2009-3184",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3184"
        },
        {
          "name": "28926",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28926"
        },
        {
          "name": "27778",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/27778"
        },
        {
          "name": "ADV-2008-0536",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0536/references"
        },
        {
          "name": "APPLE-SA-2009-11-09-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
        },
        {
          "name": "29957",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29957"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3937"
        },
        {
          "name": "1019481",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019481"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2008-0658",
    "datePublished": "2008-02-13T20:00:00.000Z",
    "dateReserved": "2008-02-07T00:00:00.000Z",
    "dateUpdated": "2024-08-07T07:54:22.904Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GHSA-8QJ7-7P8R-JHQJ

Vulnerability from github – Published: 2022-05-01 23:32 – Updated: 2022-05-01 23:32

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-0658"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-02-13T21:00:00Z",
    "severity": "MODERATE"
  },
  "details": "slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698.",
  "id": "GHSA-8qj7-7p8r-jhqj",
  "modified": "2022-05-01T23:32:13Z",
  "published": "2022-05-01T23:32:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0658"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40479"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9470"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28914"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28926"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28953"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29068"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29225"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29256"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29461"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29682"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29957"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200803-28.xml"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT3937"
    },
    {
      "type": "WEB",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0059"
    },
    {
      "type": "WEB",
      "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1541"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058"
    },
    {
      "type": "WEB",
      "url": "http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197\u0026r2=1.198\u0026f=h"
    },
    {
      "type": "WEB",
      "url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0110.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/488242/100/200/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/27778"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1019481"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-584-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0536/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/3184"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2009-AVI-487

Vulnerability from certfr_avis - Published: 2009-11-10 - Updated: 2009-11-10

De multiples vulnérabilités dans Apple MacOS X permettent entre autres l'exécution de code arbitraire à distance.

Description

L'éditeur Apple a publié un ensemble de correctifs pour les applications livrées avec son système d'exploitation Mac OS X. L'exploitation des vulnérabilités par une personne malintentionnée pourrait permettre, entre autres, l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	macOS	Mac OS X 10.5 ;
Apple	macOS	Mac OS X 10.6 ;
Apple	macOS	Mac OS X Server 10.5 ;
Apple	macOS	Mac OS X Server 10.6.

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT3937 du 09 novembre 2009

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X 10.5 ;",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X 10.6 ;",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server 10.5 ;",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server 10.6.",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nL\u0027\u00e9diteur Apple a publi\u00e9 un ensemble de correctifs pour les applications\nlivr\u00e9es avec son syst\u00e8me d\u0027exploitation Mac OS X. L\u0027exploitation des\nvuln\u00e9rabilit\u00e9s par une personne malintentionn\u00e9e pourrait permettre,\nentre autres, l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-2832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2832"
    },
    {
      "name": "CVE-2009-3293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3293"
    },
    {
      "name": "CVE-2009-2820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2820"
    },
    {
      "name": "CVE-2009-1890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1890"
    },
    {
      "name": "CVE-2009-3292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3292"
    },
    {
      "name": "CVE-2009-2839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2839"
    },
    {
      "name": "CVE-2009-2825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2825"
    },
    {
      "name": "CVE-2009-2810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2810"
    },
    {
      "name": "CVE-2009-2411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2411"
    },
    {
      "name": "CVE-2009-2408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2408"
    },
    {
      "name": "CVE-2009-2416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2416"
    },
    {
      "name": "CVE-2009-2798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2798"
    },
    {
      "name": "CVE-2007-6698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6698"
    },
    {
      "name": "CVE-2009-2833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2833"
    },
    {
      "name": "CVE-2009-2203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2203"
    },
    {
      "name": "CVE-2009-2823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2823"
    },
    {
      "name": "CVE-2009-2840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2840"
    },
    {
      "name": "CVE-2009-2824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2824"
    },
    {
      "name": "CVE-2009-2819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2819"
    },
    {
      "name": "CVE-2009-1891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1891"
    },
    {
      "name": "CVE-2009-0023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0023"
    },
    {
      "name": "CVE-2009-2838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2838"
    },
    {
      "name": "CVE-2009-1632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1632"
    },
    {
      "name": "CVE-2009-2818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2818"
    },
    {
      "name": "CVE-2009-1956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1956"
    },
    {
      "name": "CVE-2007-5707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5707"
    },
    {
      "name": "CVE-2008-0658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0658"
    },
    {
      "name": "CVE-2009-2412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2412"
    },
    {
      "name": "CVE-2009-1195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1195"
    },
    {
      "name": "CVE-2009-1191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1191"
    },
    {
      "name": "CVE-2009-2808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2808"
    },
    {
      "name": "CVE-2009-2830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2830"
    },
    {
      "name": "CVE-2008-5161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5161"
    },
    {
      "name": "CVE-2009-3111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3111"
    },
    {
      "name": "CVE-2009-2829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2829"
    },
    {
      "name": "CVE-2009-2826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2826"
    },
    {
      "name": "CVE-2009-2414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2414"
    },
    {
      "name": "CVE-2009-2285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2285"
    },
    {
      "name": "CVE-2009-3291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3291"
    },
    {
      "name": "CVE-2009-2837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2837"
    },
    {
      "name": "CVE-2009-2409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2409"
    },
    {
      "name": "CVE-2009-2836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2836"
    },
    {
      "name": "CVE-2009-2799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2799"
    },
    {
      "name": "CVE-2009-1574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1574"
    },
    {
      "name": "CVE-2009-2835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2835"
    },
    {
      "name": "CVE-2009-2831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2831"
    },
    {
      "name": "CVE-2009-3235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3235"
    },
    {
      "name": "CVE-2009-1955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1955"
    },
    {
      "name": "CVE-2009-2828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2828"
    },
    {
      "name": "CVE-2009-2202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2202"
    }
  ],
  "initial_release_date": "2009-11-10T00:00:00",
  "last_revision_date": "2009-11-10T00:00:00",
  "links": [],
  "reference": "CERTA-2009-AVI-487",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-11-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans Apple MacOS X permettent entre autres\nl\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple MacOS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT3937 du 09 novembre 2009",
      "url": "http://docs.info.apple.com/article.html?artnum=HT3937"
    }
  ]
}

CERTA-2008-AVI-081

Vulnerability from certfr_avis - Published: 2008-02-13 - Updated: 2008-02-13

Une vulnérabilité dans OpenLDAP permet à un utilisateur malveillant d'exécuter du code arbitraire à distance.

Description

La fonction modrdn sert à modifier les noms relatifs (RDN ou Relative Distinguished Name). Une erreur dans cette fonction est exploitable par un utilisateur malveillant pour exécuter du code arbitraire à distance sur un serveur vulnérable.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

OpenLDAP, versions 2.3.x.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-584-1 du 05 mars 2008 :	-	other
Site de téléchargement du projet OpenLDAP :	-	other
Bulletin de sécurité RedHat RHSA-2008:0110-3 du 21 février 2008 :	-	other
Bulletin de sécurité Debian DSA 1541-1 du 08 avril 2008 :	-	other
Bulletin de sécurité Gentoo GLSA-200803-28 du 19 mars 2008 :	-	other
Bulletin de sécurité Mandriva MDKSA-2008:058 du 05 mars 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cSPAN class=\"textit\"\u003eOpenLDAP\u003c/SPAN\u003e,  versions 2.3.x.",
  "content": "## Description\n\nLa fonction modrdn sert \u00e0 modifier les noms relatifs (RDN ou Relative\nDistinguished Name). Une erreur dans cette fonction est exploitable par\nun utilisateur malveillant pour ex\u00e9cuter du code arbitraire \u00e0 distance\nsur un serveur vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-5708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5708"
    },
    {
      "name": "CVE-2007-6698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6698"
    },
    {
      "name": "CVE-2007-5707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5707"
    },
    {
      "name": "CVE-2008-0658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0658"
    }
  ],
  "initial_release_date": "2008-02-13T00:00:00",
  "last_revision_date": "2008-02-13T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-584-1 du 05 mars 2008 :",
      "url": "http://www.ubuntulinux.org/usn/usn-584-1"
    },
    {
      "title": "Site de t\u00e9l\u00e9chargement du projet OpenLDAP :",
      "url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2008:0110-3 du 21 f\u00e9vrier    2008 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2008-0110-3.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 1541-1 du 08 avril 2008 :",
      "url": "http://lists.debian.org/debian-security-announce/2008/msg00111.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200803-28 du 19 mars 2008    :",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200803-28.xml"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2008:058 du 05 mars    2008 :",
      "url": "http://www.mandriva.com/archives/security/advisories"
    }
  ],
  "reference": "CERTA-2008-AVI-081",
  "revisions": [
    {
      "description": "ajout des r\u00e9f\u00e9rences Debian, Gentoo, Mandriva, Redhat, Ubuntu.",
      "revision_date": "2008-02-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans \u003cspan class=\"textit\"\u003eOpenLDAP\u003c/span\u003e permet \u00e0 un\nutilisateur malveillant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans OpenLDAP",
  "vendor_advisories": []
}

FKIE_CVE-2008-0658

Vulnerability from fkie_nvd - Published: 2008-02-13 21:00 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html
secalert@redhat.com	http://secunia.com/advisories/28914	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28926	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28953	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/29068	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/29225
secalert@redhat.com	http://secunia.com/advisories/29256
secalert@redhat.com	http://secunia.com/advisories/29461
secalert@redhat.com	http://secunia.com/advisories/29682
secalert@redhat.com	http://secunia.com/advisories/29957
secalert@redhat.com	http://security.gentoo.org/glsa/glsa-200803-28.xml
secalert@redhat.com	http://support.apple.com/kb/HT3937
secalert@redhat.com	http://wiki.rpath.com/Advisories:rPSA-2008-0059
secalert@redhat.com	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059
secalert@redhat.com	http://www.debian.org/security/2008/dsa-1541
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2008:058
secalert@redhat.com	http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197&r2=1.198&f=h	Exploit
secalert@redhat.com	http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2008-0110.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/488242/100/200/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/27778
secalert@redhat.com	http://www.securitytracker.com/id?1019481
secalert@redhat.com	http://www.ubuntu.com/usn/usn-584-1
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/0536/references
secalert@redhat.com	http://www.vupen.com/english/advisories/2009/3184
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/40479
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9470
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28914	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28926	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28953	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29068	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29225
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29256
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29461
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29682
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29957
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200803-28.xml
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT3937
af854a3a-2127-422b-91ae-364da2661108	http://wiki.rpath.com/Advisories:rPSA-2008-0059
af854a3a-2127-422b-91ae-364da2661108	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1541
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:058
af854a3a-2127-422b-91ae-364da2661108	http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197&r2=1.198&f=h	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2008-0110.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/488242/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/27778
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019481
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-584-1
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0536/references
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/3184
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/40479
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9470

Impacted products

	Vendor	Product	Version
	openldap	openldap	2.3.39

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openldap:openldap:2.3.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F11D98D-F23D-45B4-9733-B3C0C781ADCC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698."
    },
    {
      "lang": "es",
      "value": "slapd/back-bdb/modrdn.c en el motor interno BDB para slapd de OpenLDAP 2.3.39. Permite a usuarios autentificados remotamente provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) a trav\u00e9s de una operaci\u00f3n modrdn con un control NOOP (LDAP_X_NO_OPERATION), un tema relacionado con CVE-2007-6698."
    }
  ],
  "id": "CVE-2008-0658",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-02-13T21:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28914"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28926"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28953"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29068"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/29225"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/29256"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/29461"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/29682"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/29957"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.gentoo.org/glsa/glsa-200803-28.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.apple.com/kb/HT3937"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0059"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1541"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197\u0026r2=1.198\u0026f=h"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0110.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/488242/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/27778"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1019481"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-584-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/0536/references"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2009/3184"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40479"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9470"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28926"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28953"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29068"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29225"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29256"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29461"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29682"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29957"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200803-28.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0059"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1541"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197\u0026r2=1.198\u0026f=h"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0110.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/488242/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/27778"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019481"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-584-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0536/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/3184"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9470"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2008-0658

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2008-0658

Aliases

CVE-2008-0658

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-0658",
    "description": "slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698.",
    "id": "GSD-2008-0658",
    "references": [
      "https://www.suse.com/security/cve/CVE-2008-0658.html",
      "https://www.debian.org/security/2008/dsa-1541",
      "https://access.redhat.com/errata/RHSA-2008:0110",
      "https://linux.oracle.com/cve/CVE-2008-0658.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-0658"
      ],
      "details": "slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698.",
      "id": "GSD-2008-0658",
      "modified": "2023-12-13T01:22:58.229209Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2008-0658",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html",
            "refsource": "MISC",
            "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
          },
          {
            "name": "http://support.apple.com/kb/HT3937",
            "refsource": "MISC",
            "url": "http://support.apple.com/kb/HT3937"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2009/3184",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2009/3184"
          },
          {
            "name": "http://secunia.com/advisories/29461",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/29461"
          },
          {
            "name": "http://secunia.com/advisories/29682",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/29682"
          },
          {
            "name": "http://security.gentoo.org/glsa/glsa-200803-28.xml",
            "refsource": "MISC",
            "url": "http://security.gentoo.org/glsa/glsa-200803-28.xml"
          },
          {
            "name": "http://www.debian.org/security/2008/dsa-1541",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2008/dsa-1541"
          },
          {
            "name": "http://secunia.com/advisories/29225",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/29225"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058"
          },
          {
            "name": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html",
            "refsource": "MISC",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html"
          },
          {
            "name": "http://secunia.com/advisories/28914",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/28914"
          },
          {
            "name": "http://secunia.com/advisories/28926",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/28926"
          },
          {
            "name": "http://secunia.com/advisories/28953",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/28953"
          },
          {
            "name": "http://secunia.com/advisories/29068",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/29068"
          },
          {
            "name": "http://secunia.com/advisories/29256",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/29256"
          },
          {
            "name": "http://secunia.com/advisories/29957",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/29957"
          },
          {
            "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0059",
            "refsource": "MISC",
            "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0059"
          },
          {
            "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059",
            "refsource": "MISC",
            "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059"
          },
          {
            "name": "http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197\u0026r2=1.198\u0026f=h",
            "refsource": "MISC",
            "url": "http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197\u0026r2=1.198\u0026f=h"
          },
          {
            "name": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358",
            "refsource": "MISC",
            "url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2008-0110.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0110.html"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/488242/100/200/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/488242/100/200/threaded"
          },
          {
            "name": "http://www.securityfocus.com/bid/27778",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/27778"
          },
          {
            "name": "http://www.securitytracker.com/id?1019481",
            "refsource": "MISC",
            "url": "http://www.securitytracker.com/id?1019481"
          },
          {
            "name": "http://www.ubuntu.com/usn/usn-584-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/usn-584-1"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2008/0536/references",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2008/0536/references"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40479",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40479"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9470",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9470"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:openldap:openldap:2.3.39:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2008-0658"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197\u0026r2=1.198\u0026f=h",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197\u0026r2=1.198\u0026f=h"
            },
            {
              "name": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358"
            },
            {
              "name": "28914",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28914"
            },
            {
              "name": "28926",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28926"
            },
            {
              "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059"
            },
            {
              "name": "27778",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/27778"
            },
            {
              "name": "28953",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28953"
            },
            {
              "name": "RHSA-2008:0110",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0110.html"
            },
            {
              "name": "1019481",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1019481"
            },
            {
              "name": "29068",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/29068"
            },
            {
              "name": "MDVSA-2008:058",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058"
            },
            {
              "name": "USN-584-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-584-1"
            },
            {
              "name": "29225",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/29225"
            },
            {
              "name": "29256",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/29256"
            },
            {
              "name": "GLSA-200803-28",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-200803-28.xml"
            },
            {
              "name": "29461",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/29461"
            },
            {
              "name": "DSA-1541",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2008/dsa-1541"
            },
            {
              "name": "29682",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/29682"
            },
            {
              "name": "SUSE-SR:2008:010",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html"
            },
            {
              "name": "29957",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/29957"
            },
            {
              "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0059",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0059"
            },
            {
              "name": "APPLE-SA-2009-11-09-1",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
            },
            {
              "name": "http://support.apple.com/kb/HT3937",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT3937"
            },
            {
              "name": "ADV-2009-3184",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2009/3184"
            },
            {
              "name": "ADV-2008-0536",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/0536/references"
            },
            {
              "name": "openldap-modrdn-dos(40479)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40479"
            },
            {
              "name": "oval:org.mitre.oval:def:9470",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9470"
            },
            {
              "name": "20080212 rPSA-2008-0059-1 openldap openldap-clients openldap-servers",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/488242/100/200/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-15T22:02Z",
      "publishedDate": "2008-02-13T21:00Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-0658 (GCVE-0-2008-0658)

GHSA-8QJ7-7P8R-JHQJ

CERTA-2009-AVI-487

Description

Solution

CERTA-2008-AVI-081

Description

Solution

FKIE_CVE-2008-0658

GSD-2008-0658

Tags

Sightings

Nomenclature