FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2008-0658

This CVE name corresponds to:

Entered Topic
2008-02-22 openldap -- modrdn Denial of Service vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2008-0658 at cve.mitre.org

Details

Type Candidate
Name CVE-2008-0658
Phase Assigned(20080207)

Description

slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698.

References

Source Reference
BUGTRAQ 20080212 rPSA-2008-0059-1 openldap openldap-clients openldap-servers
CONFIRM http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197&r2=1.198&f=h
CONFIRM http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358
CONFIRM http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059
CONFIRM http://wiki.rpath.com/Advisories:rPSA-2008-0059
CONFIRM http://support.apple.com/kb/HT3937
APPLE APPLE-SA-2009-11-09-1
DEBIAN DSA-1541
GENTOO GLSA-200803-28
MANDRIVA MDVSA-2008:058
REDHAT RHSA-2008:0110
SUSE SUSE-SR:2008:010
UBUNTU USN-584-1
BID 27778
OVAL oval:org.mitre.oval:def:9470
VUPEN ADV-2008-0536
SECTRACK 1019481
SECUNIA 28914
SECUNIA 28926
SECUNIA 28953
SECUNIA 29068
SECUNIA 29225
SECUNIA 29256
SECUNIA 29461
SECUNIA 29682
SECUNIA 29957
VUPEN ADV-2009-3184
XF openldap-modrdn-dos(40479)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.