ID de Prueba:	1.3.6.1.4.1.25623.1.0.147069
Categoría:	Denial of Service
Título:	OpenLDAP < 2.4.27 DoS Vulnerability
Resumen:	OpenLDAP is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: OpenLDAP is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: Off-by-one error in the UTF8StringNormalize function allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-based buffer overflow, as demonstrated using an empty postalAddressAttribute value in an LDIF entry. Affected Software/OS: OpenLDAP prior to version 2.4.27. Solution: Update to version 2.4.27 or later. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4079 46599 http://secunia.com/advisories/46599 50384 http://www.securityfocus.com/bid/50384 GLSA-201406-36 http://security.gentoo.org/glsa/glsa-201406-36.xml USN-1266-1 http://www.ubuntu.com/usn/USN-1266-1 [oss-security] 20111026 CVE Request: openldap2 UTF8StringNormalize() can cause a (one-byte) buffer overflow http://www.openwall.com/lists/oss-security/2011/10/26/5 [oss-security] 20111026 Re: CVE Request: openldap2 UTF8StringNormalize() can cause a (one-byte) buffer overflow http://www.openwall.com/lists/oss-security/2011/10/26/9 http://www.openldap.org/devel/gitweb.cgi?p=openldap.git%3Ba=commitdiff%3Bh=507238713b71208ec4f262f312cb495a302df9e9 http://www.openldap.org/its/index.cgi/Software%20Bugs?id=7059%3Bselectid=7059 https://bugzilla.redhat.com/show_bug.cgi?id=749324 openldap-utf8stringnormalize-dos(70991) https://exchange.xforce.ibmcloud.com/vulnerabilities/70991
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.