LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Highlights from the PostgreSQL 9.2 beta

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

openldap: denial of service

Package(s):openldap CVE #(s):CVE-2007-5708
Created:November 23, 2007 Updated:April 9, 2008
Description: slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated.
Alerts:
Debian DSA-1541-1 2008-04-08
Gentoo 200803-28 2008-03-19
Mandriva MDVSA-2008:058 2007-03-05
Ubuntu USN-551-1 2007-12-04
Fedora FEDORA-2007-3124 2007-11-20
SuSE SUSE-SR:2007:024 2007-11-22
(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds