7.1

CVE-2007-5707

OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash) via an LDAP request with a malformed objectClasses attribute.  NOTE: this has been reported as a double free, but the reports are inconsistent.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenldapOpenldap Version1.0
OpenldapOpenldap Version1.0.1
OpenldapOpenldap Version1.0.2
OpenldapOpenldap Version1.0.3
OpenldapOpenldap Version1.1
OpenldapOpenldap Version1.1.0
OpenldapOpenldap Version1.1.1
OpenldapOpenldap Version1.1.2
OpenldapOpenldap Version1.1.3
OpenldapOpenldap Version1.1.4
OpenldapOpenldap Version1.2
OpenldapOpenldap Version1.2.0
OpenldapOpenldap Version1.2.1
OpenldapOpenldap Version1.2.2
OpenldapOpenldap Version1.2.3
OpenldapOpenldap Version1.2.4
OpenldapOpenldap Version1.2.5
OpenldapOpenldap Version1.2.6
OpenldapOpenldap Version1.2.7
OpenldapOpenldap Version1.2.8
OpenldapOpenldap Version1.2.9
OpenldapOpenldap Version1.2.10
OpenldapOpenldap Version1.2.11
OpenldapOpenldap Version1.2.12
OpenldapOpenldap Version1.2.13
OpenldapOpenldap Version2.0
OpenldapOpenldap Version2.0.0
OpenldapOpenldap Version2.0.1
OpenldapOpenldap Version2.0.2
OpenldapOpenldap Version2.0.3
OpenldapOpenldap Version2.0.4
OpenldapOpenldap Version2.0.5
OpenldapOpenldap Version2.0.6
OpenldapOpenldap Version2.0.7
OpenldapOpenldap Version2.0.8
OpenldapOpenldap Version2.0.9
OpenldapOpenldap Version2.0.10
OpenldapOpenldap Version2.0.11
OpenldapOpenldap Version2.0.11_9
OpenldapOpenldap Version2.0.11_11
OpenldapOpenldap Version2.0.11_11s
OpenldapOpenldap Version2.0.12
OpenldapOpenldap Version2.0.13
OpenldapOpenldap Version2.0.14
OpenldapOpenldap Version2.0.15
OpenldapOpenldap Version2.0.16
OpenldapOpenldap Version2.0.17
OpenldapOpenldap Version2.0.18
OpenldapOpenldap Version2.0.19
OpenldapOpenldap Version2.0.20
OpenldapOpenldap Version2.0.21
OpenldapOpenldap Version2.0.22
OpenldapOpenldap Version2.0.23
OpenldapOpenldap Version2.0.24
OpenldapOpenldap Version2.0.25
OpenldapOpenldap Version2.0.26
OpenldapOpenldap Version2.0.27
OpenldapOpenldap Version2.1.2
OpenldapOpenldap Version2.1.3
OpenldapOpenldap Version2.1.4
OpenldapOpenldap Version2.1.5
OpenldapOpenldap Version2.1.6
OpenldapOpenldap Version2.1.7
OpenldapOpenldap Version2.1.8
OpenldapOpenldap Version2.1.9
OpenldapOpenldap Version2.1.10
OpenldapOpenldap Version2.1.11
OpenldapOpenldap Version2.1.12
OpenldapOpenldap Version2.1.13
OpenldapOpenldap Version2.1.14
OpenldapOpenldap Version2.1.15
OpenldapOpenldap Version2.1.16
OpenldapOpenldap Version2.1.17
OpenldapOpenldap Version2.1.18
OpenldapOpenldap Version2.1.19
OpenldapOpenldap Version2.1.20
OpenldapOpenldap Version2.1.21
OpenldapOpenldap Version2.1.22
OpenldapOpenldap Version2.1.23
OpenldapOpenldap Version2.1.24
OpenldapOpenldap Version2.1.25
OpenldapOpenldap Version2.1.26
OpenldapOpenldap Version2.1.27
OpenldapOpenldap Version2.1.28
OpenldapOpenldap Version2.1.29
OpenldapOpenldap Version2.1.30
OpenldapOpenldap Version2.1_.20
OpenldapOpenldap Version2.2.0
OpenldapOpenldap Version2.2.1
OpenldapOpenldap Version2.2.4
OpenldapOpenldap Version2.2.5
OpenldapOpenldap Version2.2.6
OpenldapOpenldap Version2.2.7
OpenldapOpenldap Version2.2.8
OpenldapOpenldap Version2.2.9
OpenldapOpenldap Version2.2.10
OpenldapOpenldap Version2.2.11
OpenldapOpenldap Version2.2.12
OpenldapOpenldap Version2.2.13
OpenldapOpenldap Version2.2.14
OpenldapOpenldap Version2.2.15
OpenldapOpenldap Version2.2.16
OpenldapOpenldap Version2.2.17
OpenldapOpenldap Version2.2.18
OpenldapOpenldap Version2.2.19
OpenldapOpenldap Version2.2.20
OpenldapOpenldap Version2.2.21
OpenldapOpenldap Version2.2.22
OpenldapOpenldap Version2.2.23
OpenldapOpenldap Version2.2.24
OpenldapOpenldap Version2.2.25
OpenldapOpenldap Version2.2.26
OpenldapOpenldap Version2.2.27
OpenldapOpenldap Version2.2.28_r2
OpenldapOpenldap Version2.2.29_rev_1.134
OpenldapOpenldap Version2.3.27_2.20061018
OpenldapOpenldap Version2.3.28_2.20061022
OpenldapOpenldap Version2.3.28_20061022
OpenldapOpenldap Version2.3.28_e1.0.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.65% 0.882
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 8.6 6.9
AV:N/AC:M/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/27756
Vendor Advisory
http://www.novell.com/linux/security/advisories/2007_24_sr.html
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440632
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
http://secunia.com/advisories/27424
Patch
Vendor Advisory
http://secunia.com/advisories/27587
Vendor Advisory
http://secunia.com/advisories/27596
Vendor Advisory
http://secunia.com/advisories/27683
Vendor Advisory
http://secunia.com/advisories/27868
Vendor Advisory
http://secunia.com/advisories/29461
Vendor Advisory
http://secunia.com/advisories/29682
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200803-28.xml
http://support.apple.com/kb/HT3937
http://www.debian.org/security/2008/dsa-1541
http://www.mandriva.com/security/advisories?name=MDKSA-2007:215
http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5119
http://www.openldap.org/lists/openldap-announce/200710/msg00001.html
Patch
http://www.redhat.com/archives/fedora-package-announce/2007-November/msg00460.html
http://www.redhat.com/support/errata/RHSA-2007-1037.html
http://www.redhat.com/support/errata/RHSA-2007-1038.html
http://www.securityfocus.com/bid/26245
http://www.securitytracker.com/id?1018924
http://www.ubuntu.com/usn/usn-551-1
http://www.vupen.com/english/advisories/2007/3645
Vendor Advisory
http://www.vupen.com/english/advisories/2009/3184
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10183