exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2008-2952

Status Candidate

Overview

liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams that trigger an assertion error.

Related Files

Debian Linux Security Advisory 1650-1
Posted Oct 12, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1650-1 - Cameron Hotchkies discovered that the OpenLDAP server slapd, a free implementation of the Lightweight Directory Access Protocol, could be crashed by sending malformed ASN1 requests.

tags | advisory, protocol
systems | linux, debian
advisories | CVE-2008-2952
SHA-256 | 568dc8be8cc1ad6289e36e477c026cb537c04822f9e55859a972226ebfb46ac3
Zero Day Initiative Advisory 08-052
Posted Aug 15, 2008
Authored by Tipping Point, Oscar Mira-Sanchez | Site zerodayinitiative.com

A vulnerability allows remote attackers to deny services on vulnerable installations of OpenLDAP. Authentication is not required to exploit this vulnerability. The specific flaw exists in the decoding of ASN.1 BER network datagrams. When the size of a BerElement is specified incorrectly, the application will trigger an assert(), leading to abnormal program termination.

tags | advisory, remote
advisories | CVE-2008-2952
SHA-256 | 826dd8760f58a7442033869b73442fa313eff4808ff2cf50406dfb60620980f0
Gentoo Linux Security Advisory 200808-9
Posted Aug 8, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200808-09 - Cameron Hotchkies discovered an error within the parsing of ASN.1 BER encoded packets in the ber_get_next() function in libraries/liblber/io.c. Versions less than 2.3.43 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2008-2952
SHA-256 | 1f4168b40dfa4fef8ab399ecfb21e6e13e842ce6e17a8cebff30ea1fab76bfe7
Ubuntu Security Notice 634-1
Posted Aug 1, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 634-1 - Cameron Hotchkies discovered that OpenLDAP did not correctly handle certain ASN.1 BER data. A remote attacker could send a specially crafted packet and crash slapd, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2008-2952
SHA-256 | df29216b8146c701d7c35711d301368373094eeac7abc92664a2def7a9a4cd3f
Mandriva Linux Security Advisory 2008-144
Posted Jul 15, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A denial of service vulnerability was discovered in the way the OpenLDAP slapd daemon processed certain network messages. An unauthenticated remote attacker could send a specially crafted request that would crash the slapd daemon. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2008-2952
SHA-256 | 0086e0b69ef62cdf3040c7dbe542813ee38fad87afd143e3d4de43d040215a78
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close