CVE-2006-6493
published 2006-12-13

Priority: P3 · 41 · medium
CVSS 2.0: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)
EXPLOIT
EPSS: 9.19% (94.7th percentile)

Buffer overflow in the krbv4_ldap_auth function in servers/slapd/kerberos.c in OpenLDAP 2.4.3 and earlier, when OpenLDAP is compiled with the --enable-kbind (Kerberos KBIND) option, allows remote attackers to execute arbitrary code via an LDAP bind request using the LDAP_AUTH_KRBV41 authentication method and long credential data.

Affected

119 ranges · showing 25

Vendor    Product    Version range    Fixed in
openldap  openldap   <= 2.4.3

CVSS provenance

nvd            v2.0  5.1  MEDIUM  AV:N/AC:H/Au:N/C:P/I:P/A:P
vendor_redhat        5.1  MEDIUM