CVE-2003-1201

Name of the Vulnerable Software and Affected Versions OpenLDAP versions 2.1.12 and earlier

Description The issue allows remote attackers to cause a denial of service, potentially leading to disruption of protected information availability. This is due to the ldbm back exop passwd function in the back-ldbm backend attempting to free an uninitialized pointer when the slap passwd parse function does not return LDAP SUCCESS.

Recommendations For OpenLDAP versions 2.1.12 and earlier, consider updating to a version later than 2.1.12 to resolve the issue. As a temporary workaround, consider restricting access to the ldbm back exop passwd function in the back-ldbm backend until a patch is available.