CVE-2015-1545
published 2015-02-12

Priority: P4 · 28 · medium · 5 (CVSS 2.0)
CVSS vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS: 11.09% (95.4th percentile)

The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty attribute list in a deref control in a search request.

Affected

36 ranges, showing 25

Vendor | Product | Version range | Fixed in
apple | macos_catalina_10.15.2_security_update_2019-002_mojave_security_update_2019-007 | |
apple | os_x_yosemite_v10.10.3_and_security_update_2015-004 | |
debian | openldap | < openldap 2.4.40-4 (bookworm) | openldap 2.4.40-4 (bookworm)
openldap | openldap (22 entries) | |

Detection & IOCs (extracted from sources)

  • Trigger condition: a search request containing a deref control with an empty attribute list causes a NULL pointer dereference crash in slapd (deref_parseCtrl in servers/slapd/overlays/deref.c)
  • Vulnerable process to monitor for unexpected crashes: slapd (OpenLDAP daemon) — crash indicates possible exploitation attempt
  • Affected code path is only reachable when the deref overlay is enabled in slapd; systems without deref overlay support are not affected
  • Vulnerability only exists in OpenLDAP versions 2.4.13 through 2.4.40; fixed in 2.4.40-4 (Debian) and 2.4.40-3.fc21 (Fedora 21)
  • The deref overlay must be explicitly enabled in slapd configuration for this vulnerability to be exploitable; default installs without the overlay are not at risk

CVSS provenance

nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P
osv | 5.0 | MEDIUM
vendor_debian | 5.0 | MEDIUM
vendor_redhat | 5.0 | MEDIUM
vendor_ubuntu | 2.6 | LOW