CVE-2002-0045

Name of the Vulnerable Software and Affected Versions OpenLDAP versions 2.0 through 2.0.19

Description The issue allows local users, and anonymous users before version 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs. This can lead to a violation of confidentiality, integrity, and availability of protected information. The exploitation of this issue can be done remotely.

Recommendations For versions 2.0 through 2.0.19, consider updating to a version later than 2.0.19 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.