Description
slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.
Products
- MandrakeSoft Mandrake Single Network Firewall 7.2
- OpenLDAP OpenLDAP 1.0.1
- OpenLDAP OpenLDAP 1.0.2
- OpenLDAP OpenLDAP 1.0.3
- OpenLDAP 1.0
- OpenLDAP 1.1.1
- OpenLDAP 1.1.2
- OpenLDAP 1.1.3
- OpenLDAP 1.1.4
- OpenLDAP 1.1
- OpenLDAP 1.2.10
- OpenLDAP 1.2.11
- OpenLDAP 1.2.12
- OpenLDAP 1.2.1
- OpenLDAP 1.2.2
- OpenLDAP 1.2.3
- OpenLDAP 1.2.4
- OpenLDAP 1.2.5
- OpenLDAP 1.2.6
- OpenLDAP 1.2.7
- OpenLDAP 1.2.8
- OpenLDAP 1.2.9
- OpenLDAP 1.2
- OpenLDAP 2.0.1
- OpenLDAP 2.0.2
- OpenLDAP 2.0.3
- OpenLDAP 2.0.4
- OpenLDAP 2.0.5
- OpenLDAP 2.0.6
- OpenLDAP 2.0.7
- OpenLDAP 2.0
- Debian Debian Linux 2.2
- MandrakeSoft Mandrake Linux 7.1
- MandrakeSoft Mandrake Linux 7.2
- MandrakeSoft Mandrake Linux 8.0
- MandrakeSoft Mandrake Linux Corporate Server 1.0.1
- Red Hat Linux 6.2
- Red Hat Linux 7.0
- Red Hat Linux 7.1
Questions to Ask Vendors
- Can you confirm whether your systems are affected by CVE-2001-0977, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2001-0977 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions
- Check out the advisory links provided below.
References