CVE-2007-5707
Published: 30 October 2007
OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash) via an LDAP request with a malformed objectClasses attribute. NOTE: this has been reported as a double free, but the reports are inconsistent.
Notes
Author | Note |
---|---|
jdstrand |
openldap2 source package does not ship slapd |
Priority
Status
Package | Release | Status |
---|---|---|
openldap2
Launchpad, Ubuntu, Debian |
dapper |
Ignored
|
edgy |
Ignored
|
|
feisty |
Ignored
|
|
gutsy |
Ignored
|
|
upstream |
Needed
|
|
openldap2.2
Launchpad, Ubuntu, Debian |
dapper |
Released
(2.2.26-5ubuntu2.4)
|
edgy |
Released
(2.2.26-5ubuntu3.2)
|
|
feisty |
Does not exist
|
|
gutsy |
Does not exist
|
|
upstream |
Released
(2.2.39)
|
|
openldap2.3
Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
edgy |
Does not exist
|
|
feisty |
Released
(2.3.30-2ubuntu0.1)
|
|
gutsy |
Released
(2.3.35-1ubuntu0.1)
|
|
upstream |
Released
(2.3.39)
|