PT-2017-18822 · Openldap+5 · Openldap+5

Published

2017-05-29

·

Updated

2022-06-13

·

CVE-2017-9287

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions OpenLDAP versions 2.4.44 and earlier
Description The issue allows a user with access to search the directory to crash slapd by issuing a search including the Paged Results control with a page size of 0. This is due to a double free vulnerability in the servers/slapd/back-mdb/search.c file.
Recommendations For OpenLDAP versions 2.4.44 and earlier, consider restricting access to the search function with the Paged Results control until a fix is available. As a temporary workaround, avoid using a page size of 0 in searches to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Double Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-415

Related Identifiers

ALT-PU-2017-2178
CESA-2017_1852
CVE-2017-9287
DLA-972-1
DSA-3868-1
MGASA-2018-0033
RHSA-2017:1852
RHSA-2017_1852
SUSE-SU-2017:1567-1
SUSE-SU-2017_1567-1
SUSE-SU-2019:0931-1
USN-3307-1
USN-3307-2

Affected Products

Alt Linux
Centos
Openldap
Red Hat
Suse
Ubuntu