exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2008-2952

Status Candidate

Overview

liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams that trigger an assertion error.

Related Files

Debian Linux Security Advisory 1650-1
Posted Oct 12, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1650-1 - Cameron Hotchkies discovered that the OpenLDAP server slapd, a free implementation of the Lightweight Directory Access Protocol, could be crashed by sending malformed ASN1 requests.

tags | advisory, protocol
systems | linux, debian
advisories | CVE-2008-2952
SHA-256 | 568dc8be8cc1ad6289e36e477c026cb537c04822f9e55859a972226ebfb46ac3
Zero Day Initiative Advisory 08-052
Posted Aug 15, 2008
Authored by Tipping Point, Oscar Mira-Sanchez | Site zerodayinitiative.com

A vulnerability allows remote attackers to deny services on vulnerable installations of OpenLDAP. Authentication is not required to exploit this vulnerability. The specific flaw exists in the decoding of ASN.1 BER network datagrams. When the size of a BerElement is specified incorrectly, the application will trigger an assert(), leading to abnormal program termination.

tags | advisory, remote
advisories | CVE-2008-2952
SHA-256 | 826dd8760f58a7442033869b73442fa313eff4808ff2cf50406dfb60620980f0
Gentoo Linux Security Advisory 200808-9
Posted Aug 8, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200808-09 - Cameron Hotchkies discovered an error within the parsing of ASN.1 BER encoded packets in the ber_get_next() function in libraries/liblber/io.c. Versions less than 2.3.43 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2008-2952
SHA-256 | 1f4168b40dfa4fef8ab399ecfb21e6e13e842ce6e17a8cebff30ea1fab76bfe7
Ubuntu Security Notice 634-1
Posted Aug 1, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 634-1 - Cameron Hotchkies discovered that OpenLDAP did not correctly handle certain ASN.1 BER data. A remote attacker could send a specially crafted packet and crash slapd, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2008-2952
SHA-256 | df29216b8146c701d7c35711d301368373094eeac7abc92664a2def7a9a4cd3f
Mandriva Linux Security Advisory 2008-144
Posted Jul 15, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A denial of service vulnerability was discovered in the way the OpenLDAP slapd daemon processed certain network messages. An unauthenticated remote attacker could send a specially crafted request that would crash the slapd daemon. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2008-2952
SHA-256 | 0086e0b69ef62cdf3040c7dbe542813ee38fad87afd143e3d4de43d040215a78
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close