CVE-2008-2952

Priority
Medium
Description
liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a
denial of service (program termination) via crafted ASN.1 BER datagrams
that trigger an assertion error.
References
Bugs
Assigned-to
kees
Package
Upstream:released (2.4.11)
Patches:
Upstream:http://www.openldap.org/devel/cvsweb.cgi/libraries/liblber/io.c.diff?r1=1.111.2.7&r2=1.111.2.8&hideattic=1&sortbydate=0
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Patches:
Upstream:http://www.openldap.org/devel/cvsweb.cgi/libraries/liblber/io.c.diff?r1=1.107.2.7&r2=1.107.2.8&hideattic=1&sortbydate=0
More Information

Updated: 2017-12-15 20:26:25 UTC (commit 13913)