|Bugzilla:||802514: CVE-2012-1164 openldap (slapd): Assertion failure by processing search queries requesting only attributes for particular entry|
The MITRE CVE dictionary describes this issue as:
slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned.
This issue did not affect openldap as shipped with Red Hat Enterprise Linux 5 as it did not contain the relevant assertion. This has been addressed in Red Hat Enterprise Linux 6 via https://rhn.redhat.com/errata/RHSA-2012-0899.html
CVSS v2 metrics
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat security errata
|Red Hat Enterprise Linux version 6 (openldap)||RHSA-2012:0899||June 19, 2012|
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.