CVE-2015-1545
CVE-2015-1545
The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty attribute list in a deref control in a search request.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.htmlhttp://lists.opensuse.org/opensuse-updates/2015-07/msg00069.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776988http://seclists.org/fulldisclosure/2019/Dec/26http://secunia.com/advisories/62787https://exchange.xforce.ibmcloud.com/vulnerabilities/100937https://seclists.org/bugtraq/2019/Dec/23https://support.apple.com/HT204659https://support.apple.com/kb/HT210788http://www.debian.org/security/2015/dsa-3209http://www.mandriva.com/security/advisories?name=MDVSA-2015:073http://www.mandriva.com/security/advisories?name=MDVSA-2015:074