An off-by-one error leading to a crash was discovered in openldap 2.4 when processing DNS SRV messages. If slapd was configured to use the dnssrv backend, an attacker could crash the service with crafted DNS responses.
References
Link | Resource |
---|---|
https://access.redhat.com/security/cve/cve-2014-8182 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8182 | Exploit Issue Tracking Patch Third Party Advisory |
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2014-8182 | Exploit Issue Tracking Patch Third Party Advisory |
https://security-tracker.debian.org/tracker/CVE-2014-8182 | Patch Third Party Advisory |
Configurations
History
No history.
Information
Published : 2020-01-02 23:15
Updated : 2024-02-04 20:39
NVD link : CVE-2014-8182
Mitre link : CVE-2014-8182
CVE.ORG link : CVE-2014-8182
JSON object : View
Products Affected
openldap
- openldap
debian
- debian_linux
CWE
CWE-193
Off-by-one Error