PT-2001-2678 · Openldap · Openldap

Published

1970-01-01

Updated

2017-10-10

CVE-2001-0977

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions OpenLDAP versions prior to 1.2.12 OpenLDAP versions prior to 2.0.8 OpenLDAP version 2.0.11

Description The issue is related to multiple vulnerabilities in the OpenLDAP package, which can lead to a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field. The vulnerabilities can be exploited remotely, potentially disrupting the availability of protected information.

Recommendations For OpenLDAP versions prior to 1.2.12, update to version 1.2.12 or later. For OpenLDAP versions prior to 2.0.8, update to version 2.0.8 or later. For OpenLDAP version 2.0.11, update to a version later than 2.0.11.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

BDU:2015-02567

BDU:2015-02568

BDU:2015-02569

BDU:2015-02570

BDU:2015-02571

BDU:2015-02572

BDU:2015-02573

BDU:2015-07861

BDU:2015-07862

BDU:2015-07863

BDU:2015-07864

BDU:2015-07865

CVE-2001-0977

Affected Products

Openldap

PT-2001-2678 · Openldap · Openldap

CVE-2001-0977

Related Identifiers

Affected Products

References · 25