Openldap: >> Openldap >> 2.3.27_2.20061018 Security Vulnerabilities
OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash) via an LDAP request with a malformed objectClasses attribute. NOTE: this has been reported as a double free, but the reports are inconsistent.
CVSS Score
7.1
EPSS Score
0.054
Published
2007-10-30
slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated.
CVSS Score
7.1
EPSS Score
0.029
Published
2007-10-30