FKIE_CVE-2011-4079
Vulnerability from fkie_nvd - Published: 2011-10-27 20:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-based buffer overflow, as demonstrated using an empty postalAddressAttribute value in an LDIF entry.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openldap:openldap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C10F4BE9-3953-4822-9226-528C78136ED1",
"versionEndIncluding": "2.4.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "086DC60F-F530-4515-8F3D-87F30DB9B322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D538927-82D5-476E-9C85-2E9297316D44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2A904832-A6D6-45D4-B07C-79ED1FE47A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB554A4-EEC2-4E17-9F32-27A580B9E389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "191DB249-6A73-4561-8CCA-565D1525CB31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "423F9D3A-6AA7-4D64-B872-2C867EEFC3DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "34A5D9A5-FB1D-4ACF-846A-4DB73196122C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "41400CE6-FA51-435C-93F7-B31FE42F18AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6022ABEB-6825-4A5F-9884-74F94C2387F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D2F15789-334D-460D-B5B3-FCC71087D107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F77B1548-BB6D-4618-AE7B-E97F91A0AF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC52235-72DA-4EF4-870A-AF25181DB56C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7064C52-1211-42B8-BF1F-C22D800AED07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1CD95826-E44A-48C6-BAAB-77A905CAE6B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FEEA6BB6-41FC-4F15-A95F-9B052F062454",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E90766C1-6DBD-435C-85E1-920DAFA26D67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8CD13DAE-9588-4540-9183-FB80C507F985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "526366F3-52F0-4816-A356-8F39B718C048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AC07AD0D-5DF9-41A4-8592-CEFF1842355D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "30017C56-42A9-4AF9-B5B3-7357E424F837",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A51F38-3F5A-4F6D-93EE-776B5C2FF48F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8DBEC27E-3220-42CE-B6CC-675F387CB506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E641DFFB-CBAF-4DCF-944F-443CFF836A53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A552E270-5C9C-40DC-B23D-97C8D995B8FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:1.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "53DF812C-E1F8-46D3-A072-3FBE696ADC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "552F2E25-DDB8-49A6-844A-8520696DBE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "149EBFB7-B58F-4557-8E46-6DF88BB5E57E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "03D75A36-41C4-464F-8DC4-42C841ABC087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C3EE919-D05C-4625-85FE-132F6F2B932C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "20D99A58-8D7E-4586-A9BF-1DD2A1DBB8D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DEBA0118-545E-4D7B-B819-34D157B2BA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "67826609-F4CA-42CB-A5D0-B4503DDE2C92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "61676BBD-95B8-44C9-BD66-79F00381BF86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "719A9B1D-8E32-461F-BCD4-F72C6AD3E63E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD73969-39F8-4849-AF6A-15ACDC2E4537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DB8C1DD2-865A-4CF2-8137-3C40C01C9EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EE38B045-2224-43D1-8618-0885505865C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "5D26DAC5-EDBD-42D8-A877-1E6EA666D72B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.11_9:*:*:*:*:*:*:*",
"matchCriteriaId": "E7AE325E-514C-40A1-AA56-D605377B5D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.11_11:*:*:*:*:*:*:*",
"matchCriteriaId": "19397A11-E549-4F31-8007-8D5F3C0AABB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.11_11s:*:*:*:*:*:*:*",
"matchCriteriaId": "1C659213-271D-4F22-AE14-A1646A612D2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "67B0A2B6-C560-4AE0-BC79-3C7BC9163EE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "566406CE-368A-4799-A112-E5DFC5B333D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E5CCC734-C15B-4D2B-BF83-F214F807C44E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "64796893-A90D-4B7D-BDBC-0087B57AF7E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "39914C6A-F4DB-43CC-B2B6-097365E55D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "5BFDD8F7-AAFD-453F-99A4-F9C0424EA791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "0BFEEAA6-0B50-4644-A183-F5FEE7BD7EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "920FC1DB-95E2-4367-BF20-77D75BD7617D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "28E643F8-005A-4170-8275-8E4AB5C25209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A34C63-C17D-4026-B409-AA9A56529B87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA863B0-A6AB-44BD-84E8-B6C885EFFE10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "24BFAEC7-6256-4B8F-83F5-60FBD1571936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "83227371-ACC3-4217-BFF9-0A3AAADD50DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "734B8101-BEAC-40AB-81EA-2516CA20BC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "F0BD5253-FBC9-4384-8FC3-4E384582BE91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "AA73658A-8834-4EC2-8D8F-3A7D1C834669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "06BCE98E-546C-4852-BAE2-CF525A778B48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "94284C78-255E-43B7-A33E-FBC25BABEA2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4B298BAA-5584-4193-A3DB-31FBB0BD12B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "90604A40-A1F5-4F23-9B8C-472E8C794B59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1418EC80-2F42-4C1B-BA38-CA5BDEF83F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9BC65FE9-348D-4468-A1EF-2AC5C673DB07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3A400A0-B9D7-4CB2-82EA-49A599C2B30B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "65587514-46AB-4D70-B7C2-FBED7F78D13D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7951BAAB-CB06-4F19-891A-E07E2B3C8701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "82EC30A1-4150-44DC-89F7-5A64B8CC4A84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF04D97-A561-427B-9891-A1423B86F164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1E74B0C8-2D64-4BF2-B152-87909E3029EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "88F6CA0B-ED91-4085-8EE0-1F4256747621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B90657E7-D651-4E1E-8035-13A1F024E3C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "7BBE5477-BE27-412A-9BA9-9690F746B4F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "31300FA3-C57D-4564-927E-B06C0229BE8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "342E414D-8ED6-4E5A-88F0-57B5846A3EB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "7C0BD0FD-BD80-4197-8479-BBB070DAB890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FC9CA4EF-61F1-407B-B2BF-B4AFD68F50BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "EB80C814-5B28-46CC-8237-70A558BF049C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "832AC063-6004-4A78-A964-45906361F9C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C40DFD-4FB8-40AA-ABA4-194DED1241A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.24:*:*:*:*:*:*:*",
"matchCriteriaId": "992733F2-000F-4E27-8D19-AF18543E57BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.25:*:*:*:*:*:*:*",
"matchCriteriaId": "B36E0E49-D908-4A19-A621-6E7FB3E59A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.26:*:*:*:*:*:*:*",
"matchCriteriaId": "74779CA2-6741-4053-8C23-98A1F938B264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.27:*:*:*:*:*:*:*",
"matchCriteriaId": "930DAA18-113F-42B0-8382-8579575D238F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.28:*:*:*:*:*:*:*",
"matchCriteriaId": "98F50353-EBFB-4DE5-8D35-80C672A12E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.29:*:*:*:*:*:*:*",
"matchCriteriaId": "18A4F43F-8E4F-4203-B640-02BBB28052A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1.30:*:*:*:*:*:*:*",
"matchCriteriaId": "28063C54-EE5E-44EC-8D47-E880C2BB45BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.1_.20:*:*:*:*:*:*:*",
"matchCriteriaId": "E8BCFC49-6505-4713-A06C-A64782A34414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BAE01BA8-416B-4419-99E5-81C1FA404FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2F45B8-B9FB-4D43-B2DD-98413F5F2B85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F611094-500A-4306-8C15-4878135FA45D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "32096DE5-3F2C-4FF7-BDC6-E316DFDC97A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE197F27-CB34-4B0E-A30A-C9C87295AAD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "10A4256F-EC89-425F-86FD-B0DE243EBF2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4A34127E-507D-4F72-9F93-B23F91DB0F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B7A2D5D9-3E7E-4420-A338-B05A8C077229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C76EF100-3328-4C70-A123-50A4ECFF539E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1DCE7803-E652-4A17-8EEB-B91C81CF48E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5CB439-5F0B-40CF-8564-6875CAC74FCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5E524E-1B71-46B5-A14E-C2342851C0FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "FE103338-9AE7-4230-A8B2-09273004B4D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "12621DED-ABF1-47A7-961C-E6DE1F6302AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "C8026929-4845-46E4-A6F8-E60CA498201B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "DE01BD68-D6DC-4220-A3F0-71961CEA205F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "68DE3F16-E171-4FA3-9B00-3F944A4E7604",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "63F7B718-0E5C-4900-A5DE-D59D37EC79D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8805A0-F543-450D-82E9-EE923904E2A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "58779045-578C-41D5-9CAE-D6F48C91654C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "969F18EF-067A-47BA-9DC4-9FA69D9DCBB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E12766AB-2AFE-4BBD-8B80-8BEA932ABDFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.24:*:*:*:*:*:*:*",
"matchCriteriaId": "6C2C7514-8BB4-4B8A-A5AF-D4A26B232597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.25:*:*:*:*:*:*:*",
"matchCriteriaId": "64C0AB94-ED91-4218-8F97-862BA57D1CC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FF5C05-0A64-416C-8346-EE5FF4AA14F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.2.27:*:*:*:*:*:*:*",
"matchCriteriaId": "5C081128-2846-4257-B822-10AADE54899D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D9090B1B-0724-4526-A40D-47044401B6EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5E5AC6E-F43B-404D-BA46-2F4412456ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "61AE77E5-6595-45A4-A233-C36B97F551B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "80224FC0-7DF5-4815-9D3D-63AC462119FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F821D76D-1592-478B-AE7B-D16B22837C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "67146520-86CF-4EF6-88AC-22E2D167D686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8C5E2D-52FD-448B-9423-9F51349BEE4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "FCC99DDD-EF08-45B7-8369-1D52A03D6E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C79D5E35-1F96-4AF5-B89A-A8FCD33D1FDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B4C9A-5C0E-4226-9975-E26330A287A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "0F305125-0477-4C8F-9C94-39EB623E1A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "BF72A8C3-6DB5-494A-843F-D3CF57AAFDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "45104882-4F43-4437-8B2E-2F6E97952C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2BDB6E-B620-4707-A2C4-0AC3E6536B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.18:*:*:*:*:*:*:*",
"matchCriteriaId": "BC84EA72-7B34-454D-B46D-616596AF41B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "4EE3F254-C565-4650-B875-116FD2C29867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "49B31BEE-944F-40FA-A173-EF55C2232834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.21:*:*:*:*:*:*:*",
"matchCriteriaId": "003A1BF0-1C40-4A5B-A724-25692199D2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.22:*:*:*:*:*:*:*",
"matchCriteriaId": "9D0298B8-44F5-4375-BBB4-107B1A9D1E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E94E748F-3367-4432-AA85-61767541A377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.24:*:*:*:*:*:*:*",
"matchCriteriaId": "E628F5CE-4D21-43D4-8789-99B32FA28A0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.25:*:*:*:*:*:*:*",
"matchCriteriaId": "A4ECDC15-67A3-4432-B141-8EC38C440D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.26:*:*:*:*:*:*:*",
"matchCriteriaId": "BA382EA1-9ED6-4E10-89E7-3DD3A1FE7BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.27:*:*:*:*:*:*:*",
"matchCriteriaId": "6DCE01E9-3D72-433F-A600-B7359C1197FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.28:*:*:*:*:*:*:*",
"matchCriteriaId": "75371593-00F5-4F49-B0EC-7835CB1DB97F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.29:*:*:*:*:*:*:*",
"matchCriteriaId": "F45E2CED-46CA-4F85-AA38-DCA5141CCFFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.30:*:*:*:*:*:*:*",
"matchCriteriaId": "9A1CDD24-F8E3-4C39-BD39-36ADEC814C41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.31:*:*:*:*:*:*:*",
"matchCriteriaId": "64E00372-FD22-45E5-8815-9B0826BE7857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.32:*:*:*:*:*:*:*",
"matchCriteriaId": "4C6B5E35-7109-4FE0-8E34-61C5CA0C5D05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.33:*:*:*:*:*:*:*",
"matchCriteriaId": "5C41A0F2-DBB7-48B6-AF89-7963CED8D196",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.34:*:*:*:*:*:*:*",
"matchCriteriaId": "7B0A12F9-7DEA-4E3F-A3A8-3C9E782AC4BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.35:*:*:*:*:*:*:*",
"matchCriteriaId": "06223A03-1598-4D0F-B0F6-576AA3CB1E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.36:*:*:*:*:*:*:*",
"matchCriteriaId": "87155B64-0AE1-4418-8866-84CEA879665B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.37:*:*:*:*:*:*:*",
"matchCriteriaId": "A563D3EA-7DE0-4DE7-AD64-8724B6E72A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.38:*:*:*:*:*:*:*",
"matchCriteriaId": "7AF66FA9-EE80-48DD-B10E-8D047CF4BC22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.39:*:*:*:*:*:*:*",
"matchCriteriaId": "1F11D98D-F23D-45B4-9733-B3C0C781ADCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.40:*:*:*:*:*:*:*",
"matchCriteriaId": "2EFE64A8-3B40-44C9-983F-8F3BDC9879E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.41:*:*:*:*:*:*:*",
"matchCriteriaId": "C51880E8-AA9E-43AD-BDC3-3DA530823AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.42:*:*:*:*:*:*:*",
"matchCriteriaId": "D58AC865-207C-4612-B112-AE430BB76213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.3.43:*:*:*:*:*:*:*",
"matchCriteriaId": "EF350C0B-E6BF-4626-BA1D-DED83358D86A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1ADA863D-EF8B-4A06-B94E-3DBF53063E6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5EC66226-A597-4A4C-932F-F4A7BAE119C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4AEABC84-7B67-4FD4-A891-E52C80DC881E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "340F673A-295E-4B75-A9D1-E785B0440BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "49203E99-71E2-49D4-91A0-65AAAA7DC18F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "473AEC48-FBBF-4BEB-8728-1FA80DD94807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "7B0415EA-5F21-44C3-93F3-DDADBAA64449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "16AFC655-E81F-4FDE-8030-9781A8B79E73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "E99FB859-D023-4B2B-A709-05E83A46E2A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8D2EEBC7-1FAF-43E2-A124-C387C02D9E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "95D242E4-D5EB-4785-A6EF-60B1E8E2B0EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "F6FEDD9C-FDF7-456A-B06C-0A4A4443991D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9245CDE2-B90A-4D47-BA20-A7869FF0A645",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "FB993E4D-E573-4495-97DE-465DDB2AA2DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "D0F106A3-63D5-4D07-9440-6628DBA78BE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "36CC03BC-DF34-43CD-90B0-27D23A1DD06A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "16C90FEE-527E-47F5-8840-517A55163D8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "0FAEA812-BB47-47A3-A975-B3B8D30DBA36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "5DE5D180-3972-40A0-ADAF-A4F3364D1381",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "AD76F376-00D8-4917-BF68-6EECC316C331",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openldap:openldap:2.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "F7063C11-3BF5-4037-ADC3-0C7E9AF830B4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-based buffer overflow, as demonstrated using an empty postalAddressAttribute value in an LDIF entry."
},
{
"lang": "es",
"value": "Error por un paso en la funci\u00f3n UTF8StringNormalize en OpenLDAP 2.4.26 y versiones anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de slapd) a trav\u00e9s de una cadena de longitud cero que desencadena un desbordamiento de b\u00fafer basado en memoria din\u00e1mica, como se demuestra utilizando un valor vac\u00edo en el valor postalAddressAttribute en una entrada LDIF."
}
],
"id": "CVE-2011-4079",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-10-27T20:55:01.823",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46599"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201406-36.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openldap.org/devel/gitweb.cgi?p=openldap.git%3Ba=commitdiff%3Bh=507238713b71208ec4f262f312cb495a302df9e9"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=7059%3Bselectid=7059"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2011/10/26/5"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2011/10/26/9"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/50384"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1266-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749324"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46599"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201406-36.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openldap.org/devel/gitweb.cgi?p=openldap.git%3Ba=commitdiff%3Bh=507238713b71208ec4f262f312cb495a302df9e9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=7059%3Bselectid=7059"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2011/10/26/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2011/10/26/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/50384"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1266-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749324"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70991"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…