ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when the slap_passwd_parse function does not return LDAP_SUCCESS, attempts to free an uninitialized pointer, which allows remote attackers to cause a denial of service (segmentation fault).
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openldap | Openldap | 2.0 | 2.0 |
Openldap | Openldap | 2.0.1 | 2.0.1 |
Openldap | Openldap | 2.0.2 | 2.0.2 |
Openldap | Openldap | 2.0.3 | 2.0.3 |
Openldap | Openldap | 2.0.4 | 2.0.4 |
Openldap | Openldap | 2.0.5 | 2.0.5 |
Openldap | Openldap | 2.0.6 | 2.0.6 |
Openldap | Openldap | 2.0.7 | 2.0.7 |
Openldap | Openldap | 2.0.8 | 2.0.8 |
Openldap | Openldap | 2.0.9 | 2.0.9 |
Openldap | Openldap | 2.0.10 | 2.0.10 |
Openldap | Openldap | 2.0.11 | 2.0.11 |
Openldap | Openldap | 2.0.11_9 | 2.0.11_9 |
Openldap | Openldap | 2.0.11_11 | 2.0.11_11 |
Openldap | Openldap | 2.0.11_11s | 2.0.11_11s |
Openldap | Openldap | 2.0.12 | 2.0.12 |
Openldap | Openldap | 2.0.13 | 2.0.13 |
Openldap | Openldap | 2.0.14 | 2.0.14 |
Openldap | Openldap | 2.0.15 | 2.0.15 |
Openldap | Openldap | 2.0.16 | 2.0.16 |
Openldap | Openldap | 2.0.17 | 2.0.17 |
Openldap | Openldap | 2.0.18 | 2.0.18 |
Openldap | Openldap | 2.0.19 | 2.0.19 |
Openldap | Openldap | 2.0.20 | 2.0.20 |
Openldap | Openldap | 2.0.21 | 2.0.21 |
Openldap | Openldap | 2.0.22 | 2.0.22 |
Openldap | Openldap | 2.0.23 | 2.0.23 |
Openldap | Openldap | 2.0.25 | 2.0.25 |
Openldap | Openldap | 2.0.27 | 2.0.27 |
Openldap | Openldap | 2.1.4 | 2.1.4 |
Openldap | Openldap | 2.1.10 | 2.1.10 |
Openldap | Openldap | 2.1.11 | 2.1.11 |
Openldap | Openldap | 2.1.12 | 2.1.12 |
Openldap | Openldap | 2.1.13 | 2.1.13 |
Openldap | Openldap | 2.1.14 | 2.1.14 |
Openldap | Openldap | 2.1.15 | 2.1.15 |
Openldap | Openldap | 2.1.16 | 2.1.16 |