oss-sec mailing list archives

CVE Request -- openldap (slapd): Assertion failure by processing search queries requesting only attributes for particular entry

From: Jan Lieskovsky <jlieskov () redhat com>
Date: Mon, 12 Mar 2012 18:36:17 +0100

Hello Kurt, Steve, vendors,

  a denial of service flaw was found in the way the slapd server of the OpenLDAP,
the Lightweight Directory Access Protocol applications and development suite,
processed certain search queries requesting only attributes (no values) for a
particular entry. A remote attacker could issue a specially-crafted LDAP search
query, which once processed by a vulnerable slapd server would lead to
assertion failure (slapd abort).

Upstream bug report:
[1] http://www.openldap.org/its/index.cgi/Software%20Bugs?id=7143

Original upstream patch:

[2]http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=ef2f5263de8802794e528cc2648ecfca369302ae


Further patches:

[3]http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=430256fafb85028443d7964a5ab1f4bbf8b2db38

[4]http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=463c1fa25d45e393dc1f1ea235286f79e872fad0


References:
[5] http://www.openldap.org/software/release/changes.html
[6] https://bugs.gentoo.org/show_bug.cgi?id=407941
[7] https://secunia.com/advisories/48372/
[8] https://bugzilla.redhat.com/show_bug.cgi?id=802514

Could you allocate a CVE identifier for this?

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team

Current thread:

CVE Request -- openldap (slapd): Assertion failure by processing search queries requesting only attributes for particular entry Jan Lieskovsky (Mar 12)
- Re: CVE Request -- openldap (slapd): Assertion failure by processing search queries requesting only attributes for particular entry Kurt Seifried (Mar 12)