7.1

CVE-2007-5708

slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenldapOpenldap Version1.0
OpenldapOpenldap Version1.0.1
OpenldapOpenldap Version1.0.2
OpenldapOpenldap Version1.0.3
OpenldapOpenldap Version1.1
OpenldapOpenldap Version1.1.0
OpenldapOpenldap Version1.1.1
OpenldapOpenldap Version1.1.2
OpenldapOpenldap Version1.1.3
OpenldapOpenldap Version1.1.4
OpenldapOpenldap Version1.2
OpenldapOpenldap Version1.2.0
OpenldapOpenldap Version1.2.1
OpenldapOpenldap Version1.2.2
OpenldapOpenldap Version1.2.3
OpenldapOpenldap Version1.2.4
OpenldapOpenldap Version1.2.5
OpenldapOpenldap Version1.2.6
OpenldapOpenldap Version1.2.7
OpenldapOpenldap Version1.2.8
OpenldapOpenldap Version1.2.9
OpenldapOpenldap Version1.2.10
OpenldapOpenldap Version1.2.11
OpenldapOpenldap Version1.2.12
OpenldapOpenldap Version1.2.13
OpenldapOpenldap Version2.0
OpenldapOpenldap Version2.0.0
OpenldapOpenldap Version2.0.1
OpenldapOpenldap Version2.0.2
OpenldapOpenldap Version2.0.3
OpenldapOpenldap Version2.0.4
OpenldapOpenldap Version2.0.5
OpenldapOpenldap Version2.0.6
OpenldapOpenldap Version2.0.7
OpenldapOpenldap Version2.0.8
OpenldapOpenldap Version2.0.9
OpenldapOpenldap Version2.0.10
OpenldapOpenldap Version2.0.11
OpenldapOpenldap Version2.0.11_9
OpenldapOpenldap Version2.0.11_11
OpenldapOpenldap Version2.0.11_11s
OpenldapOpenldap Version2.0.12
OpenldapOpenldap Version2.0.13
OpenldapOpenldap Version2.0.14
OpenldapOpenldap Version2.0.15
OpenldapOpenldap Version2.0.16
OpenldapOpenldap Version2.0.17
OpenldapOpenldap Version2.0.18
OpenldapOpenldap Version2.0.19
OpenldapOpenldap Version2.0.20
OpenldapOpenldap Version2.0.21
OpenldapOpenldap Version2.0.22
OpenldapOpenldap Version2.0.23
OpenldapOpenldap Version2.0.24
OpenldapOpenldap Version2.0.25
OpenldapOpenldap Version2.0.26
OpenldapOpenldap Version2.0.27
OpenldapOpenldap Version2.1.2
OpenldapOpenldap Version2.1.3
OpenldapOpenldap Version2.1.4
OpenldapOpenldap Version2.1.5
OpenldapOpenldap Version2.1.6
OpenldapOpenldap Version2.1.7
OpenldapOpenldap Version2.1.8
OpenldapOpenldap Version2.1.9
OpenldapOpenldap Version2.1.10
OpenldapOpenldap Version2.1.11
OpenldapOpenldap Version2.1.12
OpenldapOpenldap Version2.1.13
OpenldapOpenldap Version2.1.14
OpenldapOpenldap Version2.1.15
OpenldapOpenldap Version2.1.16
OpenldapOpenldap Version2.1.17
OpenldapOpenldap Version2.1.18
OpenldapOpenldap Version2.1.19
OpenldapOpenldap Version2.1.20
OpenldapOpenldap Version2.1.21
OpenldapOpenldap Version2.1.22
OpenldapOpenldap Version2.1.23
OpenldapOpenldap Version2.1.24
OpenldapOpenldap Version2.1.25
OpenldapOpenldap Version2.1.26
OpenldapOpenldap Version2.1.27
OpenldapOpenldap Version2.1.28
OpenldapOpenldap Version2.1.29
OpenldapOpenldap Version2.1.30
OpenldapOpenldap Version2.1_.20
OpenldapOpenldap Version2.2.0
OpenldapOpenldap Version2.2.1
OpenldapOpenldap Version2.2.4
OpenldapOpenldap Version2.2.5
OpenldapOpenldap Version2.2.6
OpenldapOpenldap Version2.2.7
OpenldapOpenldap Version2.2.8
OpenldapOpenldap Version2.2.9
OpenldapOpenldap Version2.2.10
OpenldapOpenldap Version2.2.11
OpenldapOpenldap Version2.2.12
OpenldapOpenldap Version2.2.13
OpenldapOpenldap Version2.2.14
OpenldapOpenldap Version2.2.15
OpenldapOpenldap Version2.2.16
OpenldapOpenldap Version2.2.17
OpenldapOpenldap Version2.2.18
OpenldapOpenldap Version2.2.19
OpenldapOpenldap Version2.2.20
OpenldapOpenldap Version2.2.21
OpenldapOpenldap Version2.2.22
OpenldapOpenldap Version2.2.23
OpenldapOpenldap Version2.2.24
OpenldapOpenldap Version2.2.25
OpenldapOpenldap Version2.2.26
OpenldapOpenldap Version2.2.27
OpenldapOpenldap Version2.2.28_r2
OpenldapOpenldap Version2.2.29_rev_1.134
OpenldapOpenldap Version2.3.27_2.20061018
OpenldapOpenldap Version2.3.28_2.20061022
OpenldapOpenldap Version2.3.28_20061022
OpenldapOpenldap Version2.3.28_e1.0.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.62% 0.835
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 8.6 6.9
AV:N/AC:M/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/27756
Vendor Advisory
http://www.novell.com/linux/security/advisories/2007_24_sr.html
http://secunia.com/advisories/27424
Patch
Vendor Advisory
http://secunia.com/advisories/27683
Vendor Advisory
http://secunia.com/advisories/27868
Vendor Advisory
http://secunia.com/advisories/29461
Vendor Advisory
http://secunia.com/advisories/29682
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200803-28.xml
http://www.debian.org/security/2008/dsa-1541
http://www.openldap.org/lists/openldap-announce/200710/msg00001.html
Patch
http://www.redhat.com/archives/fedora-package-announce/2007-November/msg00460.html
http://www.securityfocus.com/bid/26245
http://www.ubuntu.com/usn/usn-551-1
http://www.vupen.com/english/advisories/2007/3645
Vendor Advisory
http://secunia.com/advisories/29225
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:058
http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5163