CVE-2014-8182

An off-by-one error leading to a crash was discovered in openldap 2.4 when processing DNS SRV messages. If slapd was configured to use the dnssrv backend, an attacker could crash the service with crafted DNS responses.
References
Link Resource
https://access.redhat.com/security/cve/cve-2014-8182 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8182 Exploit Issue Tracking Patch Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2014-8182 Exploit Issue Tracking Patch Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2014-8182 Patch Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:openldap:openldap:2.4:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-01-02 23:15

Updated : 2024-02-04 20:39


NVD link : CVE-2014-8182

Mitre link : CVE-2014-8182

CVE.ORG link : CVE-2014-8182


JSON object : View

Products Affected

openldap

  • openldap

debian

  • debian_linux
CWE
CWE-193

Off-by-one Error