PT-2020-7744 · Openldap+2
Victor Pereira · Published 2015-11-19 · Updated 2020-01-09 · CVE-2014-8182
CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions
OpenLDAP version 2.4
Description
An off-by-one error was found in OpenLDAP's processing of DNS SRV messages, potentially leading to a crash. The issue affects configurations that use the dnssrv backend, where an attacker could exploit the service with crafted DNS responses and cause it to crash.
Recommendations
For OpenLDAP version 2.4, as a temporary workaround, consider disabling the dnssrv backend until a patch is available. Restrict access to the service to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Affected Products
CentOS
Red Hat
OpenLDAP