This security bulletin contains one medium risk vulnerability.
Exploit availability: NoDescription
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error when performing searches with nested boolean expressions in filter.c within the slapd daemon in OpenLDAP. A remote attacker can send a specially crafted LDAP request to the affected server and crash the LDAP service.
Update the affected packages.
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?