contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html | Mailing List Third Party Advisory |
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html | Mailing List Third Party Advisory |
http://www.openldap.org/its/index.cgi/Incoming?id=8759 | Issue Tracking Vendor Advisory |
https://kc.mcafee.com/corporate/index?page=content&id=SB10365 | Third Party Advisory |
https://www.oracle.com/security-alerts/cpuapr2022.html | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-12-18T06:00:00
Updated: 2022-04-19T23:19:16
Reserved: 2017-12-18T00:00:00
Link: CVE-2017-17740
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-12-18T06:29:00.397
Modified: 2022-06-13T19:10:10.043
Link: CVE-2017-17740
JSON object: View
Redhat Information
No data.
CWE