Your submission was sent successfully! Close

CVE-2017-17740

Published: 18 December 2017

contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.

Priority

Low

CVSS 3 base score: 7.5

Status

Package Release Status
openldap
Launchpad, Ubuntu, Debian
artful Not vulnerable

precise Not vulnerable

trusty Not vulnerable

upstream Needs triage

xenial Not vulnerable

zesty Not vulnerable