---

CVE-2017-9287 - log back

CVE-2017-9287 created at 25 Sep 2019 19:31:40
Severity	+ Medium
Remote	+ Remote
Type	+ Denial of service
Description	+ A double-free flaw was found in the way OpenLDAP's slapd server <= 2.4.44 using the MDB backend handled LDAP searches. A remote attacker with access to search the directory could potentially use this flaw to crash slapd by issuing a specially crafted LDAP search query by including the Paged Results control with a page size of 0.
References	+ http://www.openldap.org/its/?findid=8655 + https://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=0cee1ffb6021b1aae3fcc9581699da1c85a6dd6e
Notes