[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ITS#8046 - remote unauth DoS on 2.4.40

To: d@delphij.net
Subject: Re: ITS#8046 - remote unauth DoS on 2.4.40
From: "Paul B. Henson" <henson@acm.org>
Date: Fri, 6 Feb 2015 14:35:37 -0800
Cc: "hyc@symas.com >> Howard Chu" <hyc@symas.com>, whm@stanford.edu, ryan@nardis.ca, openldap-technical@openldap.org
Content-disposition: inline
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; bh=f3c3Mv/6j0wQi0eQ7/mjq2H2sqbx2B3SH78rjfdnnwM=; b=FU1CFP3PxboRsljDoFZYGjJXv/VB90ZRZWvwb/NRdfD/SOJDYtJa0DmSG69Y2/2fu1 8QXwf7aGbakQewNi6gNuD4urugGuG0GtDoBMNyntsXstYos7imY9BWsZ7S1mpHi3TtO2 cXmAQZgtVWqH+8SDxtF17WHLyX0L4lc7ksEe3UayQm2FhiyzbKkJdC7Y8vDgdojaW/xW fEuDbnq6ONH8oaaftazWqp0NwyeQpZ76CnSyhb3IhwYve8b5GGy+kgdZanoQy/WS9ekT BW00ATDRDt+kXJ6RnbKaZKWQ+Dv6+sjDOFqwiwpVYstVELmGR7rQVdr3uq+8IqneOEVh THDA==
In-reply-to: <54D53BAB.8050407@delphij.net>
References: <20150206214741.GE4951@bender.unx.csupomona.edu> <54D53BAB.8050407@delphij.net>
User-agent: Mutt/1.5.23 (2014-03-12)

On Fri, Feb 06, 2015 at 02:09:47PM -0800, Xin Li wrote:

> Is there a CVE number for this one?

There's been a request:

http://www.openwall.com/lists/oss-security/2015/02/06/3

but I haven't seen one assigned.

I forgot to mention there's also a remote DoS in the deref overlay in
slapd 2.4.13 through 2.4.40, as I don't use that.

References:
- ITS#8046 - remote unauth DoS on 2.4.40
  - From: "Paul B. Henson" <henson@acm.org>
- Re: ITS#8046 - remote unauth DoS on 2.4.40
  - From: Xin Li <delphij@delphij.net>

Prev by Date: Re: ITS#8046 - remote unauth DoS on 2.4.40
Next by Date: Re: NamingContexts and DN question
Index(es):
- Chronological
- Thread