Bug 202691 - CVE-2006-1470 OpenLDAP Denial of Service
CVE-2006-1470 OpenLDAP Denial of Service
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: openldap (Show other bugs)
6
All Linux
medium Severity high
: ---
: ---
Assigned To: Jay Fenlason
source=cve,reported=20060627,impact=i...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-08-15 16:39 EDT by Mark J. Cox (Product Security)
Modified: 2014-08-31 19:28 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-09-12 13:03:10 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Mark J. Cox (Product Security) 2006-08-15 16:39:34 EDT
Needed for FC6

+++ This bug was initially created as a clone of Bug #197278 +++

OpenLDAP Denial of Service

A denial of service bug was found in the way OpenLDAP processes
certain messages.  It is possible for an unauthenticated remote
attacker to crash the OpenLDAP slapd server.

The original advisories are here:

http://labs.musecurity.com/advisories/MU-200606-02.txt
http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html

This issue also affects FC4

-- Additional comment from mjc@redhat.com on 2006-08-15 10:39 EST --

Mu Security reported a denial-of-service vulnerability in Mac OS X's
OpenLDAP slapd.  The issue was caused by assertions in the message
processing code--- some "default:" labels were handled with "assert()".
This is the kind of thing:

servers/slapd/connection.c
   1087         case LDAP_REQ_EXTENDED:
   1088                 INCR_OP(num_ops_initiated_, SLAP_OP_EXTENDED);
   1089                 rc = do_extended( op, &rs );
   1090                 break;
   1091
   1092         default:
   1093                 /* not reachable */
   1094                 assert( 0 );
   1095         }
   1096
   1097 operations_error:


Affected versions include at least 2.2.19 and 2.3.24.
Comment 2 Jay Fenlason 2006-09-12 13:03:10 EDT
The code in FC6 is not vulnerable to this issue. 

Note You need to log in before you can comment on or make changes to this bug.