PT-2001-2678 · Openldap · Openldap

Publicado

1970-01-01

Atualizado

2017-10-10

CVE-2001-0977

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions OpenLDAP versions prior to 1.2.12 OpenLDAP versions prior to 2.0.8 OpenLDAP version 2.0.11

Description The issue is related to multiple vulnerabilities in the OpenLDAP package, which can lead to a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field. The vulnerabilities can be exploited remotely, potentially disrupting the availability of protected information.

Recommendations For OpenLDAP versions prior to 1.2.12, update to version 1.2.12 or later. For OpenLDAP versions prior to 2.0.8, update to version 2.0.8 or later. For OpenLDAP version 2.0.11, update to a version later than 2.0.11.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

BDU:2015-02567

BDU:2015-02568

BDU:2015-02569

BDU:2015-02570

BDU:2015-02571

BDU:2015-02572

BDU:2015-02573

BDU:2015-07861

BDU:2015-07862

BDU:2015-07863

BDU:2015-07864

BDU:2015-07865

CVE-2001-0977

Produtos afetados

Openldap

PT-2001-2678 · Openldap · Openldap

CVE-2001-0977

Identificadores relacionados

Produtos afetados

Referências · 25