CVE-2020-36224 - log

CVE-2020-36224 edited at 25 Jan 2021 12:29:29
References
https://bugs.openldap.org/show_bug.cgi?id=9409
- https://bugs.openldap.org/show_bug.cgi?id=9412
- https://bugs.openldap.org/show_bug.cgi?id=9413
https://git.openldap.org/openldap/openldap/-/commit/c0b61a9486508e5202aa2e0cfb68c9813731b439
https://git.openldap.org/openldap/openldap/-/commit/554dff1927176579d652f2fe60c90e9abbad4c65
- https://git.openldap.org/openldap/openldap/-/commit/5a2017d4e61a6ddc4dcb4415028e0d08eb6bca26
- https://git.openldap.org/openldap/openldap/-/commit/d169e7958a3e0dc70f59c8374bf8a59833b7bdd8
CVE-2020-36224 edited at 25 Jan 2021 12:27:03
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.
References
+ https://bugs.openldap.org/show_bug.cgi?id=9409
+ https://bugs.openldap.org/show_bug.cgi?id=9412
+ https://bugs.openldap.org/show_bug.cgi?id=9413
+ https://git.openldap.org/openldap/openldap/-/commit/c0b61a9486508e5202aa2e0cfb68c9813731b439
+ https://git.openldap.org/openldap/openldap/-/commit/554dff1927176579d652f2fe60c90e9abbad4c65
+ https://git.openldap.org/openldap/openldap/-/commit/5a2017d4e61a6ddc4dcb4415028e0d08eb6bca26
+ https://git.openldap.org/openldap/openldap/-/commit/d169e7958a3e0dc70f59c8374bf8a59833b7bdd8
Notes
CVE-2020-36224 created at 25 Jan 2021 12:17:08