CVE-2017-9287 log

Source
Severity Medium
Remote Yes
Type Denial of service
Description
A double-free flaw was found in the way OpenLDAP's slapd server <= 2.4.44 using the MDB backend handled LDAP searches. A remote attacker with access to search the directory could potentially use this flaw to crash slapd by issuing a specially crafted LDAP search query by including the Paged Results control with a page size of 0.
Group Package Affected Fixed Severity Status Ticket
AVG-358 openldap 2.4.44-5 2.4.45-1 Medium Fixed
References
http://www.openldap.org/its/?findid=8655
https://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=0cee1ffb6021b1aae3fcc9581699da1c85a6dd6e