OpenLDAP "UTF8StringNormalize()" Off-by-One Denial of Service Vulnerability

Last Update Date: 28 Oct 2011 14:59 Release Date: 28 Oct 2011 5653 Views

RISK: Medium Risk

Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

A vulnerability has been identified in OpenLDAP, which can be exploited by malicious users to cause a Denial of Service.

The vulnerability is caused due to an off-by-one error in the "UTF8StringNormalize()" function when NULL terminating a string. This can be exploited to crash the daemon via e.g. an empty "postalAddressAttribute" value.

Impact

  • Denial of Service

System / Technologies affected

  • OpenLDAP 2.4.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Winamp Multiple Vulnerabilities

28 Oct 2011 5830 Views

Next

Novell iPrint Client "GetDriverSettings()" Buffer Overflow Vulnerability

28 Oct 2011 5763 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY