CVE-2007-5708
Published: 30 October 2007
slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated.
Notes
| Author | Note |
|---|---|
| jdstrand | initial inspection show this to be a reliability fix openldap2 source package does not ship slapd |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
openldap2 Launchpad, Ubuntu, Debian |
dapper |
Ignored
|
| edgy |
Ignored
|
|
| feisty |
Ignored
|
|
| gutsy |
Ignored
|
|
| upstream |
Needed
|
|
|
openldap2.2 Launchpad, Ubuntu, Debian |
dapper |
Released
(2.2.26-5ubuntu2.4)
|
| edgy |
Released
(2.2.26-5ubuntu3.2)
|
|
| feisty |
Does not exist
|
|
| gutsy |
Does not exist
|
|
| upstream |
Released
(2.2.39)
|
|
|
openldap2.3 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| edgy |
Does not exist
|
|
| feisty |
Released
(2.3.30-2ubuntu0.1)
|
|
| gutsy |
Released
(2.3.35-1ubuntu0.1)
|
|
| upstream |
Released
(2.3.39)
|