5

CVE-2008-2952

liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams that trigger an assertion error.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenldapOpenldap Version2.2.4
OpenldapOpenldap Version2.2.5
OpenldapOpenldap Version2.2.6
OpenldapOpenldap Version2.2.7
OpenldapOpenldap Version2.2.8
OpenldapOpenldap Version2.2.9
OpenldapOpenldap Version2.3.4
OpenldapOpenldap Version2.3.5
OpenldapOpenldap Version2.3.6
OpenldapOpenldap Version2.3.7
OpenldapOpenldap Version2.3.8
OpenldapOpenldap Version2.3.9
OpenldapOpenldap Version2.3.10
OpenldapOpenldap Version2.3.11
OpenldapOpenldap Version2.3.12
OpenldapOpenldap Version2.3.13
OpenldapOpenldap Version2.3.14
OpenldapOpenldap Version2.3.15
OpenldapOpenldap Version2.3.16
OpenldapOpenldap Version2.3.17
OpenldapOpenldap Version2.3.18
OpenldapOpenldap Version2.3.19
OpenldapOpenldap Version2.3.20
OpenldapOpenldap Version2.3.21
OpenldapOpenldap Version2.3.22
OpenldapOpenldap Version2.3.23
OpenldapOpenldap Version2.3.24
OpenldapOpenldap Version2.3.25
OpenldapOpenldap Version2.3.26
OpenldapOpenldap Version2.3.27
OpenldapOpenldap Version2.3.28
OpenldapOpenldap Version2.3.29
OpenldapOpenldap Version2.3.30
OpenldapOpenldap Version2.3.31
OpenldapOpenldap Version2.3.32
OpenldapOpenldap Version2.3.33
OpenldapOpenldap Version2.3.34
OpenldapOpenldap Version2.3.35
OpenldapOpenldap Version2.3.36
OpenldapOpenldap Version2.3.37
OpenldapOpenldap Version2.3.38
OpenldapOpenldap Version2.3.39
OpenldapOpenldap Version2.3.40
OpenldapOpenldap Version2.3.41
OpenldapOpenldap Version2.3.42
OpenldapOpenldap Version2.3.43
OpenldapOpenldap Version2.4.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 13.17% 0.959
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
http://secunia.com/advisories/31326
Vendor Advisory
http://www.vupen.com/english/advisories/2008/2268
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html
http://secunia.com/advisories/30853
Vendor Advisory
http://secunia.com/advisories/30917
Vendor Advisory
http://secunia.com/advisories/30996
Vendor Advisory
http://secunia.com/advisories/31364
Vendor Advisory
http://secunia.com/advisories/31436
Vendor Advisory
http://secunia.com/advisories/32254
Vendor Advisory
http://secunia.com/advisories/32316
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200808-09.xml
http://wiki.rpath.com/Advisories:rPSA-2008-0249
http://www.debian.org/security/2008/dsa-1650
http://www.mandriva.com/security/advisories?name=MDVSA-2008:144
http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5580
http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5580%3Bselectid=5580
http://www.openwall.com/lists/oss-security/2008/07/01/2
http://www.openwall.com/lists/oss-security/2008/07/13/2
http://www.redhat.com/support/errata/RHSA-2008-0583.html
http://www.securityfocus.com/archive/1/495320/100/0/threaded
http://www.securityfocus.com/bid/30013
http://www.securitytracker.com/id?1020405
http://www.ubuntu.com/usn/usn-634-1
http://www.vupen.com/english/advisories/2008/1978/references
Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-08-052/
https://exchange.xforce.ibmcloud.com/vulnerabilities/43515
https://issues.rpath.com/browse/RPL-2645
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10662
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00109.html
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00129.html