CVE-2008-2952 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:N/I:N/A:P
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 97%

Vendor	Product	Version
openldap	openldap	2.2.4
openldap	openldap	2.2.5
openldap	openldap	2.2.6
openldap	openldap	2.2.7
openldap	openldap	2.2.8
openldap	openldap	2.2.9
openldap	openldap	2.3.4
openldap	openldap	2.3.5
openldap	openldap	2.3.6
openldap	openldap	2.3.7
openldap	openldap	2.3.8
openldap	openldap	2.3.9
openldap	openldap	2.3.10
openldap	openldap	2.3.11
openldap	openldap	2.3.12
openldap	openldap	2.3.13
openldap	openldap	2.3.14
openldap	openldap	2.3.15
openldap	openldap	2.3.16
openldap	openldap	2.3.17
openldap	openldap	2.3.18
openldap	openldap	2.3.19
openldap	openldap	2.3.20
openldap	openldap	2.3.21
openldap	openldap	2.3.22
openldap	openldap	2.3.23
openldap	openldap	2.3.24
openldap	openldap	2.3.25
openldap	openldap	2.3.26
openldap	openldap	2.3.27
openldap	openldap	2.3.28
openldap	openldap	2.3.29
openldap	openldap	2.3.30
openldap	openldap	2.3.31
openldap	openldap	2.3.32
openldap	openldap	2.3.33
openldap	openldap	2.3.34
openldap	openldap	2.3.35
openldap	openldap	2.3.36
openldap	openldap	2.3.37
openldap	openldap	2.3.38
openldap	openldap	2.3.39
openldap	openldap	2.3.40
openldap	openldap	2.3.41
openldap	openldap	2.3.42
openldap	openldap	2.3.43
openldap	openldap	2.4.10

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

openldap

bullseye (security)	2.4.57+dfsg-3+deb11u1 fixed
bullseye	2.4.57+dfsg-3+deb11u1 fixed
bookworm	2.5.13+dfsg-5 fixed
sid	2.5.18+dfsg-3 fixed
trixie	2.5.18+dfsg-3 fixed

Ubuntu Releases

Ubuntu Product

Codename

openldap

hardy	dne
gutsy	dne
feisty	dne
dapper	dne

openldap2.2

hardy	dne
gutsy	dne
feisty	dne
dapper	Fixed 2.2.26-5ubuntu2.8 released

openldap2.3

hardy	Fixed 2.4.9-0ubuntu0.8.04.1 released
gutsy	Fixed 2.3.35-1ubuntu0.3 released
feisty	Fixed 2.3.30-2ubuntu0.3 released
dapper	dne

Common Weakness Enumeration

CWE-399 -

References

http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html

http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html

http://secunia.com/advisories/30853

http://secunia.com/advisories/30917

http://secunia.com/advisories/30996

http://secunia.com/advisories/31326

http://secunia.com/advisories/31364

http://secunia.com/advisories/31436

http://secunia.com/advisories/32254

http://secunia.com/advisories/32316

http://security.gentoo.org/glsa/glsa-200808-09.xml

http://wiki.rpath.com/Advisories:rPSA-2008-0249

http://www.debian.org/security/2008/dsa-1650

http://www.mandriva.com/security/advisories?name=MDVSA-2008:144

http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5580

http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5580%3Bselectid=5580

http://www.openwall.com/lists/oss-security/2008/07/01/2

http://www.openwall.com/lists/oss-security/2008/07/13/2

http://www.redhat.com/support/errata/RHSA-2008-0583.html

http://www.securityfocus.com/archive/1/495320/100/0/threaded

http://www.securityfocus.com/bid/30013

http://www.securitytracker.com/id?1020405

http://www.ubuntu.com/usn/usn-634-1

http://www.vupen.com/english/advisories/2008/1978/references

http://www.vupen.com/english/advisories/2008/2268

http://www.zerodayinitiative.com/advisories/ZDI-08-052/

https://exchange.xforce.ibmcloud.com/vulnerabilities/43515

https://issues.rpath.com/browse/RPL-2645

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10662

https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00109.html

https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00129.html

http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html

http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html

http://secunia.com/advisories/30853

http://secunia.com/advisories/30917

http://secunia.com/advisories/30996

http://secunia.com/advisories/31326

http://secunia.com/advisories/31364

http://secunia.com/advisories/31436

http://secunia.com/advisories/32254

http://secunia.com/advisories/32316

http://security.gentoo.org/glsa/glsa-200808-09.xml

http://wiki.rpath.com/Advisories:rPSA-2008-0249

http://www.debian.org/security/2008/dsa-1650

http://www.mandriva.com/security/advisories?name=MDVSA-2008:144

http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5580

http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5580%3Bselectid=5580

http://www.openwall.com/lists/oss-security/2008/07/01/2

http://www.openwall.com/lists/oss-security/2008/07/13/2

http://www.redhat.com/support/errata/RHSA-2008-0583.html

http://www.securityfocus.com/archive/1/495320/100/0/threaded

http://www.securityfocus.com/bid/30013

http://www.securitytracker.com/id?1020405

http://www.ubuntu.com/usn/usn-634-1

http://www.vupen.com/english/advisories/2008/1978/references

http://www.vupen.com/english/advisories/2008/2268

http://www.zerodayinitiative.com/advisories/ZDI-08-052/

https://exchange.xforce.ibmcloud.com/vulnerabilities/43515

https://issues.rpath.com/browse/RPL-2645

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10662

https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00109.html

https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00129.html