Openldap: >> Openldap >> 2.4.3 Security Vulnerabilities
Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-based buffer overflow, as demonstrated using an empty postalAddressAttribute value in an LDIF entry.
CVSS Score
4.0
EPSS Score
0.068
Published
2011-10-27