ldbm_back_exop_passwd in the back-ldbm backend in passwd...
Moderate severity
Unreviewed
Published
Apr 29, 2022
to the GitHub Advisory Database
•
Updated Feb 13, 2024
Description
Published by the National Vulnerability Database
Mar 20, 2003
Published to the GitHub Advisory Database
Apr 29, 2022
Last updated
Feb 13, 2024
ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when the slap_passwd_parse function does not return LDAP_SUCCESS, attempts to free an uninitialized pointer, which allows remote attackers to cause a denial of service (segmentation fault).
References