Wind River Support Network

HomeDefectsCGP6-505
Fixed

CGP6-505 : Security Advisory - openldap - CVE-2015-6908

Created: Sep 14, 2015    Updated: Apr 16, 2018
Resolved Date: Nov 10, 2015
Previous ID: LIN6-10338
Found In Version: 6.0.0.23
Fix Version: 6.0.0.27
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6908
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube