AVG-1489

Package: openldap
Status: Fixed
Severity: Medium
Type: denial of service
Affected: 2.4.56-1
Fixed: 2.4.57-1
Current: 2.6.7-2 [core]
Ticket: None
Created: Mon Jan 25 12:17:08 2021
Issue Severity Remote Type Description
CVE-2020-36230 Medium Yes Denial of service
A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in...
CVE-2020-36229 Medium Yes Denial of service
A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.
CVE-2020-36228 Medium Yes Denial of service
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in...
CVE-2020-36227 Medium Yes Denial of service
A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.
CVE-2020-36226 Medium Yes Denial of service
A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial...
CVE-2020-36225 Medium Yes Denial of service
A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.
CVE-2020-36224 Medium Yes Denial of service
A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.
CVE-2020-36223 Medium Yes Denial of service
A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service...
CVE-2020-36222 Medium Yes Denial of service
A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.
CVE-2020-36221 Medium Yes Denial of service
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of...