CVE-2022-29155

Related Files

Debian Security Advisory 5140-1

Posted May 28, 2022

Authored by Debian | Site debian.org

Debian Linux Security Advisory 5140-1 - Jacek Konieczny discovered a SQL injection vulnerability in the back-sql backend to slapd in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol, allowing an attacker to alter the database during an LDAP search operations when a specially crafted search filter is processed.

tags | advisory, protocol, sql injection

systems | linux, debian

advisories | CVE-2022-29155

SHA-256 | 9897ab545bd716606e3e6dc857fdce950165ee9eb718713839521fe2b0e5c7ac

Download | Favorite | View

Ubuntu Security Notice USN-5424-2

Posted May 20, 2022

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5424-2 - USN-5424-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database.

tags | advisory, remote, sql injection

systems | linux, ubuntu

advisories | CVE-2022-29155

SHA-256 | 0e0e7d427185a4265212e9573a0d260655e14290d1cec821dc663cfb8913d341

Download | Favorite | View

Ubuntu Security Notice USN-5424-1

Posted May 17, 2022

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5424-1 - It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database.

tags | advisory, remote, sql injection

systems | linux, ubuntu

advisories | CVE-2022-29155

SHA-256 | 622b2eaedb770c0fbeedd05eb4c12c43e234131acf0a55523407bb64c0dc2e6d

Download | Favorite | View