OpenLDAP ber_get_next denial of service vulnerability
Issue
- A flaw was found in the way the OpenLDAP server daemon (slapd) parsed certain BER data. A remote attacker could exploit this flaw by using a specially crafted packet to crash the OpenLDAP server (denial of service). The server could be crashed even when running in daemon mode.
Environment
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 6
- openldap
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.