In association with heise online

30 October 2007, 10:04

DoS vulnerabilities in OpenLDAP

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

In the latest version of open source directory server OpenLDAP, version 2.3.39, the development team have fixed vulnerabilities which could have been exploited by attackers to crash the server. Where older versions of the server run as proxies, incorrect null-terminated filter lists can result in invalid memory access and crash slapd. Errors can also occur with internal conversion of values in objectClasses. These also lead to unwanted termination of the service.

The changelog in the announcement for the updated version of the software also mentions other minor bugs which have been corrected by the developers. Administrators who use OpenLDAP should install the update at their convenience.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit