CVE-2015-1545 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:N/I:N/A:P
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 98%

Vendor	Product	Version
openldap	openldap	2.4.13
openldap	openldap	2.4.14
openldap	openldap	2.4.15
openldap	openldap	2.4.16
openldap	openldap	2.4.17
openldap	openldap	2.4.18
openldap	openldap	2.4.19
openldap	openldap	2.4.20
openldap	openldap	2.4.21
openldap	openldap	2.4.22
openldap	openldap	2.4.23
openldap	openldap	2.4.24
openldap	openldap	2.4.25
openldap	openldap	2.4.26
openldap	openldap	2.4.27
openldap	openldap	2.4.28
openldap	openldap	2.4.29
openldap	openldap	2.4.30
openldap	openldap	2.4.31
openldap	openldap	2.4.32
openldap	openldap	2.4.33
openldap	openldap	2.4.34
openldap	openldap	2.4.35
openldap	openldap	2.4.36
openldap	openldap	2.4.37
openldap	openldap	2.4.38
openldap	openldap	2.4.39
openldap	openldap	2.4.40

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

openldap

bullseye (security)	2.4.57+dfsg-3+deb11u1 fixed
bullseye	2.4.57+dfsg-3+deb11u1 fixed
wheezy	no-dsa
squeeze	no-dsa
bookworm	2.5.13+dfsg-5 fixed
sid	2.5.18+dfsg-3 fixed
trixie	2.5.18+dfsg-3 fixed

Ubuntu Releases

Ubuntu Product

Codename

openldap

vivid	Fixed 2.4.31-1+nmu2ubuntu12.1 released
utopic	Fixed 2.4.31-1+nmu2ubuntu11.1 released
trusty	Fixed 2.4.31-1+nmu2ubuntu8.1 released
precise	Fixed 2.4.28-1.1ubuntu4.5 released
lucid	ignored

Known Exploits!

References

http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

http://lists.opensuse.org/opensuse-updates/2015-07/msg00069.html

http://seclists.org/fulldisclosure/2019/Dec/26

http://secunia.com/advisories/62787

http://www.debian.org/security/2015/dsa-3209

http://www.mandriva.com/security/advisories?name=MDVSA-2015:073

http://www.mandriva.com/security/advisories?name=MDVSA-2015:074

http://www.openldap.org/devel/gitweb.cgi?p=openldap.git%3Ba=commit%3Bh=c32e74763f77675b9e144126e375977ed6dc562c

http://www.openldap.org/its/?findid=8027

http://www.openwall.com/lists/oss-security/2015/02/07/3

http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

http://www.securityfocus.com/bid/72519

http://www.securitytracker.com/id/1032399

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776988

https://exchange.xforce.ibmcloud.com/vulnerabilities/100937

https://seclists.org/bugtraq/2019/Dec/23

https://support.apple.com/HT204659

https://support.apple.com/kb/HT210788

http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

http://lists.opensuse.org/opensuse-updates/2015-07/msg00069.html

http://seclists.org/fulldisclosure/2019/Dec/26

http://secunia.com/advisories/62787

http://www.debian.org/security/2015/dsa-3209

http://www.mandriva.com/security/advisories?name=MDVSA-2015:073

http://www.mandriva.com/security/advisories?name=MDVSA-2015:074

http://www.openldap.org/devel/gitweb.cgi?p=openldap.git%3Ba=commit%3Bh=c32e74763f77675b9e144126e375977ed6dc562c

http://www.openldap.org/its/?findid=8027

http://www.openwall.com/lists/oss-security/2015/02/07/3

http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

http://www.securityfocus.com/bid/72519

http://www.securitytracker.com/id/1032399

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776988

https://exchange.xforce.ibmcloud.com/vulnerabilities/100937

https://seclists.org/bugtraq/2019/Dec/23

https://support.apple.com/HT204659

https://support.apple.com/kb/HT210788