Mageia: 2021-0105 Moderate: OpenLDAP Denial Of Service Threat Details

mageia

March 4, 2021

It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing

Summary

It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service (CVE-2020-36221).
It was discovered that OpenLDAP incorrectly handled saslAuthzTo processing. A remote attacker could use this issue to cause OpenLDAP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2020-36222, CVE-2020-36224, CVE-2020-36225, CVE-2020-36226).
It was discovered that OpenLDAP incorrectly handled Return Filter control handling. A remote attacker could use this issue to cause OpenLDAP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2020-36223).
It was discovered that OpenLDAP incorrectly handled certain cancel operations. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service (CVE-2020-36227).
It was discovered that OpenLDAP incorrectly handled Cert...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=28300

- https://ubuntu.com/security/notices/USN-4724-1

- https://ubuntu.com/security/notices/USN-4744-1

- https://www.cve.org/CVERecord?id=CVE-2020-36221

- https://www.cve.org/CVERecord?id=CVE-2020-36222

- https://www.cve.org/CVERecord?id=CVE-2020-36223

- https://www.cve.org/CVERecord?id=CVE-2020-36224

- https://www.cve.org/CVERecord?id=CVE-2020-36225

- https://www.cve.org/CVERecord?id=CVE-2020-36226

- https://www.cve.org/CVERecord?id=CVE-2020-36227

- https://www.cve.org/CVERecord?id=CVE-2020-36228

- https://www.cve.org/CVERecord?id=CVE-2020-36229

- https://www.cve.org/CVERecord?id=CVE-2020-36230

- https://www.cve.org/CVERecord?id=CVE-2021-27212

Topics Covered

security advisory denial of service security issue code execution remote code execution OpenLDAP CVE issues Mageia

Resolution

SRPMS

- 8/core/openldap-2.4.57-1.1.mga8

- 7/core/openldap-2.4.50-1.4.mga7

Publication date: 04 Mar 2021

URL: https://advisories.mageia.org/MGASA-2021-0105.html

Type: security

CVE: CVE-2020-36221, CVE-2020-36222, CVE-2020-36223, CVE-2020-36224, CVE-2020-36225, CVE-2020-36226, CVE-2020-36227, CVE-2020-36228, CVE-2020-36229, CVE-2020-36230, CVE-2021-27212

Topics Covered

security advisory denial of service security issue code execution remote code execution OpenLDAP CVE issues Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Mageia: 2021-0105 Moderate: OpenLDAP Denial Of Service Threat Details

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Mageia: 2021-0105 Moderate: OpenLDAP Denial Of Service Threat Details

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!