#VU27445 Resource management error in OpenLDAP


Published: 2020-04-29

Vulnerability identifier: #VU27445

Vulnerability risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-12243

CWE-ID: CWE-399

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
OpenLDAP
Server applications / Directory software, identity management

Vendor: OpenLDAP.org

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error when performing searches with nested boolean expressions in filter.c within the slapd daemon in OpenLDAP. A remote attacker can send a specially crafted LDAP request to the affected server and crash the LDAP service.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

OpenLDAP: 2.4.3 - 2.4.49

External links
http://bugs.openldap.org/show_bug.cgi?id=9202
http://git.openldap.org/openldap/openldap/-/blob/OPENLDAP_REL_ENG_2_4/CHANGES
http://git.openldap.org/openldap/openldap/-/commit/98464c11df8247d6a11b52e294ba5dd4f0380440

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Hitachi Energy SDM600
Multiple vulnerabilities in Red Hat Ansible Automation Platform 1.2
Red Hat Enterprise Linux 7 update for openldap
openEuler 20.03 LTS update for openldap-2.4.49-2
OpenSUSE Linux update for openldap2
Resource management error in openldap (Alpine package)
Ubuntu update for OpenLDAP
Debian update for openldap
Denial of service in OpenLDAP