header-logo
Suggest Exploit
vendor:
OpenLDAP
by:
Unknown
7.5
CVSS
HIGH
Arbitrary Code Execution, Denial-of-Service
CWE
Product Name: OpenLDAP
Affected Version From: 2.4.22
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

OpenLDAP Multiple Vulnerabilities

The vulnerabilities in OpenLDAP allow remote attackers to execute arbitrary code or cause denial-of-service conditions. The specific exploit involves using the 'ldapmodrdn' command with specific parameters.

Mitigation:

Unknown
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/41770/info

OpenLDAP is prone to multiple vulnerabilities.

Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of the application or cause denial-of-service conditions.

OpenLDAP 2.4.22 is vulnerable; other versions may also be affected.

ldapmodrdn -x cn=something,dc=anything cn=#80
ldapmodrdn -x dc=something,dc=anything dc=