CVE-2007-5708
Publication date 30 October 2007
Last updated 24 July 2024
Ubuntu priority
slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| openldap2 | 7.10 gutsy | Ignored |
| 7.04 feisty | Ignored | |
| 6.10 edgy | Ignored | |
| 6.06 LTS dapper | Ignored | |
| openldap2.2 | 7.10 gutsy | Not in release |
| 7.04 feisty | Not in release | |
| 6.10 edgy |
Fixed 2.2.26-5ubuntu3.2
|
|
| 6.06 LTS dapper |
Fixed 2.2.26-5ubuntu2.4
|
|
| openldap2.3 | 7.10 gutsy |
Fixed 2.3.35-1ubuntu0.1
|
| 7.04 feisty |
Fixed 2.3.30-2ubuntu0.1
|
|
| 6.10 edgy | Not in release | |
| 6.06 LTS dapper | Not in release |
Notes
jdstrand
initial inspection show this to be a reliability fix openldap2 source package does not ship slapd