Ubuntu 14.04 ESM: USN-4622-2 Critical: OpenLDAP Denial of Service
ubuntu
November 11, 2020
OpenLDAP could be made to crash or run programs if it received specially crafted network traffic.
Summary
OpenLDAP could be made to crash or run programs if it received
specially crafted network traffic.
Software Description:
- openldap: Lightweight Directory Access Protocol
Details:
USN-4622-1 fixed a vulnerability in OpenLDAP. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that OpenLDAP incorrectly handled certain network
packets. A remote attacker could use this issue to cause OpenLDAP to crash,
resulting in a denial of service, or possibly execute arbitrary code.
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: slapd 2.4.31-1+nmu2ubuntu8.5+esm3 Ubuntu 12.04 ESM: slapd 2.4.28-1.1ubuntu4.11 In general, a standard system update will make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-4622-2
https://ubuntu.com/security/notices/USN-4622-1
CVE-2020-25692
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
November 11, 2020
Topics Covered
Package Information
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!