FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

openldap -- denial of service vulnerability

Affected packages
openldap-server < 2.4.42_1

Details

VuXML ID 4910d161-58a4-11e5-9ad8-14dae9d210b8
Discovery 2015-09-09
Entry 2015-09-12
Modified 2015-09-13

Denis Andzakovic reports:

By sending a crafted packet, an attacker may cause the OpenLDAP server to reach an assert(9 9 statement, crashing the daemon.

References

CVE Name CVE-2015-6908
URL http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=6fe51a9ab04fd28bbc171da3cf12f1c1040d6629
URL http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8240