Denial of Service : OpenLDAP DoS Vulnerability (Feb 2021)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.146990

Categoría: Denial of Service

Título: OpenLDAP DoS Vulnerability (Feb 2021)

Resumen: OpenLDAP is prone to a denial of service (DoS) vulnerability.

Descripción: Summary:
OpenLDAP is prone to a denial of service (DoS) vulnerability.

Vulnerability Insight:
In OpenLDAP an assertion failure in slapd can occur in the
issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon
exit) via a short timestamp. This is related to schema_init.c and checkTime.

Affected Software/OS:
OpenLDAP version 2.4.57 and prior and 2.5.x through 2.5.1alpha.

Solution:
Update to version 2.4.58, 2.5.4 or later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2021-27212
Debian Security Information: DSA-4860 (Google Search)
https://www.debian.org/security/2021/dsa-4860
https://bugs.openldap.org/show_bug.cgi?id=9454
https://git.openldap.org/openldap/openldap/-/commit/3539fc33212b528c56b716584f2c2994af7c30b0
https://git.openldap.org/openldap/openldap/-/commit/9badb73425a67768c09bcaed1a9c26c684af6c30
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00035.html

Copyright Copyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.146990
Categoría:	Denial of Service
Título:	OpenLDAP DoS Vulnerability (Feb 2021)
Resumen:	OpenLDAP is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: OpenLDAP is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: In OpenLDAP an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime. Affected Software/OS: OpenLDAP version 2.4.57 and prior and 2.5.x through 2.5.1alpha. Solution: Update to version 2.4.58, 2.5.4 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-27212 Debian Security Information: DSA-4860 (Google Search) https://www.debian.org/security/2021/dsa-4860 https://bugs.openldap.org/show_bug.cgi?id=9454 https://git.openldap.org/openldap/openldap/-/commit/3539fc33212b528c56b716584f2c2994af7c30b0 https://git.openldap.org/openldap/openldap/-/commit/9badb73425a67768c09bcaed1a9c26c684af6c30 https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00035.html
Copyright	Copyright (C) 2021 Greenbone Networks GmbH