PT-2007-1004 · Openldap+1 · Openldap+1
Ralf Haferkamp · Published 2007-10-30 · Updated 2018-10-15 · CVE-2008-0658
CVSS v2.0: 7.1 (High)
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions:
OpenLDAP versions 2.3.39 through 2.3.40
Version 2.3.41 is given as the release in which the issue is fixed, which implies that versions prior to 2.3.41 are affected. Simplifying the range:
OpenLDAP versions prior to 2.3.41
Description:
Multiple vulnerabilities in the OpenLDAP package, specifically in the BDB backend for slapd, allow remote authenticated users to cause a denial of service, potentially leading to disruption of protected information, via a modrdn operation with a NOOP control. The issue can be exploited remotely.
Recommendations:
For OpenLDAP versions prior to 2.3.41, update to version 2.3.41 or later to resolve the issue.
As a temporary workaround, consider restricting access to the modrdn operation with a NOOP control until a patch is available.
Exploit
Fix
DoS
Weakness Enumeration
Related identifiers
Affected products
Openldap
Red Hat