CVE-2011-4079 — Off-by-one Error in Openldap

CWE-1897 documents7 sources

Severity

4.0MEDIUMNVD

EPSS

6.8%

top 8.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openldap Debian Openldap

Timeline

PublishedOct 27

Latest updateMay 17

Description

Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-based buffer overflow, as demonstrated using an empty postalAddressAttribute value in an LDIF entry.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 8.0 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/openldap< openldap 2.4.28-1 (bookworm)

▶Debianopenldap/openldap< 2.4.28-1+3

▶NVDopenldap/openldap2.4.26+174

Patches

Patch: bugzilla.redhat.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-9v33-989g-pj7q: Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2↗2022-05-17

▶

OSV

CVE-2011-4079: Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2↗2011-10-27

▶

📋Vendor Advisories

Ubuntu

OpenLDAP vulnerability↗2011-11-17

▶

Red Hat

openldap: one-byte buffer overflow in slapd↗2011-10-06

▶

Debian

CVE-2011-4079: openldap - Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earl...↗2011

▶

💬Community

Bugzilla

CVE-2011-4079 openldap: one-byte buffer overflow in slapd↗2011-10-26

▶