CVE-2015-1545
EUVD-2015-167912.02.2015, 16:59
The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty attribute list in a deref control in a search request.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| openldap | openldap | 2.4.13 |
| openldap | openldap | 2.4.14 |
| openldap | openldap | 2.4.15 |
| openldap | openldap | 2.4.16 |
| openldap | openldap | 2.4.17 |
| openldap | openldap | 2.4.18 |
| openldap | openldap | 2.4.19 |
| openldap | openldap | 2.4.20 |
| openldap | openldap | 2.4.21 |
| openldap | openldap | 2.4.22 |
| openldap | openldap | 2.4.23 |
| openldap | openldap | 2.4.24 |
| openldap | openldap | 2.4.25 |
| openldap | openldap | 2.4.26 |
| openldap | openldap | 2.4.27 |
| openldap | openldap | 2.4.28 |
| openldap | openldap | 2.4.29 |
| openldap | openldap | 2.4.30 |
| openldap | openldap | 2.4.31 |
| openldap | openldap | 2.4.32 |
| openldap | openldap | 2.4.33 |
| openldap | openldap | 2.4.34 |
| openldap | openldap | 2.4.35 |
| openldap | openldap | 2.4.36 |
| openldap | openldap | 2.4.37 |
| openldap | openldap | 2.4.38 |
| openldap | openldap | 2.4.39 |
| openldap | openldap | 2.4.40 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
References