[Date Prev][Date Next] [Chronological] [Thread] [Top]

About Buffer Overflows

To: openldap-software@OpenLDAP.org
Subject: About Buffer Overflows
From: zhang pu <zhang@fjh.fujitsu.com>
Date: Sun, 20 Feb 2005 21:45:48 +0900

Hello Kurt

>From http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1378 
I've read, 
-------------
Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and 
earlier allow remote attackers to execute arbitrary code 
-------------

But I cannot find the related information from OpenLDAP release 
changelog and the mailing list. 

So I want to ask, 
Which release has the detected buffer overflow bug?
What have you corrected? 
Is 2.1.19 safe? (If it is not, what's the problem of buffer 
overflow it has?)

Hope you can give me suggestion.

Thanks & Regards
Pu

Prev by Date: userPassword: {KERBEROS}/{SASL} help!
Next by Date: openldap and service permissions
Index(es):
- Chronological
- Thread