vendor:
OpenLDAP
by:
SecurityFocus
7.5
CVSS
HIGH
Denial of Service
400
CWE
Product Name: OpenLDAP
Affected Version From: 2.3.39
Affected Version To: 2.3.39
Patch Exists: Yes
Related CWE: CVE-2007-6698
CPE: a:openldap:openldap
Metasploit:
https://www.rapid7.com/db/vulnerabilities/linuxrpm-SUSE-SR-2008-010-vuln4/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2008-0658/, https://www.rapid7.com/db/vulnerabilities/ubuntu-USN-584-1/, https://www.rapid7.com/db/vulnerabilities/apple-osx-openldap-cve-2008-0658/, https://www.rapid7.com/db/vulnerabilities/freebsd-vid-e5d29309-e0db-11dc-97b2-001c2514716c/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2008-0110/, https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2008-0658/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-CESA-2008-0110/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2007-6698/, https://www.rapid7.com/db/vulnerabilities/apple-osx-openldap-cve-2007-6698/
Other Scripts:
https://www.infosecmatter.com/nessus-plugin-library/?id=31811, https://www.infosecmatter.com/nessus-plugin-library/?id=41197, https://www.infosecmatter.com/nessus-plugin-library/?id=31159, https://www.infosecmatter.com/nessus-plugin-library/?id=31406, https://www.infosecmatter.com/nessus-plugin-library/?id=60361, https://www.infosecmatter.com/nessus-plugin-library/?id=42433, https://www.infosecmatter.com/nessus-plugin-library/?id=30236, https://www.infosecmatter.com/nessus-plugin-library/?id=31138
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: None
2007
OpenLDAP Remote Denial of Service Vulnerability
OpenLDAP is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to deny service to legitimate users. Attackers use readily available LDAP commands to exploit this issue.
Mitigation:
Ensure that all OpenLDAP installations are up to date with the latest version.