CVE Vulnerabilities

CVE-2003-1201

Published: Mar 20, 2003 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when the slap_passwd_parse function does not return LDAP_SUCCESS, attempts to free an uninitialized pointer, which allows remote attackers to cause a denial of service (segmentation fault).

Affected Software

Name Vendor Start Version End Version
Openldap Openldap 2.0 2.0
Openldap Openldap 2.0.1 2.0.1
Openldap Openldap 2.0.2 2.0.2
Openldap Openldap 2.0.3 2.0.3
Openldap Openldap 2.0.4 2.0.4
Openldap Openldap 2.0.5 2.0.5
Openldap Openldap 2.0.6 2.0.6
Openldap Openldap 2.0.7 2.0.7
Openldap Openldap 2.0.8 2.0.8
Openldap Openldap 2.0.9 2.0.9
Openldap Openldap 2.0.10 2.0.10
Openldap Openldap 2.0.11 2.0.11
Openldap Openldap 2.0.11_9 2.0.11_9
Openldap Openldap 2.0.11_11 2.0.11_11
Openldap Openldap 2.0.11_11s 2.0.11_11s
Openldap Openldap 2.0.12 2.0.12
Openldap Openldap 2.0.13 2.0.13
Openldap Openldap 2.0.14 2.0.14
Openldap Openldap 2.0.15 2.0.15
Openldap Openldap 2.0.16 2.0.16
Openldap Openldap 2.0.17 2.0.17
Openldap Openldap 2.0.18 2.0.18
Openldap Openldap 2.0.19 2.0.19
Openldap Openldap 2.0.20 2.0.20
Openldap Openldap 2.0.21 2.0.21
Openldap Openldap 2.0.22 2.0.22
Openldap Openldap 2.0.23 2.0.23
Openldap Openldap 2.0.25 2.0.25
Openldap Openldap 2.0.27 2.0.27
Openldap Openldap 2.1.4 2.1.4
Openldap Openldap 2.1.10 2.1.10
Openldap Openldap 2.1.11 2.1.11
Openldap Openldap 2.1.12 2.1.12
Openldap Openldap 2.1.13 2.1.13
Openldap Openldap 2.1.14 2.1.14
Openldap Openldap 2.1.15 2.1.15
Openldap Openldap 2.1.16 2.1.16

References