CVE-2010-0212
openldap: modrdn processing IA5StringNormalize NULL pointer dereference
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
OpenLDAP 2.4.22 allows remote attackers to cause a denial of service (crash) via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite.
OpenLDAP 2.4.22 permite a atacantes remotos provocar una denegación de servicio(caída) a través de una llamada modrdn con una cadena de destino RDN con longitud cero, que no es manejada adecuadamente por la función smr_normalize y que provoca una deferencia a puntero nulo en la función IA5StringNormalize en schema_init.c, como se ha demostrado usando la suite de pruebas Codenomicon LDAPv3.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-01-06 CVE Reserved
- 2010-07-27 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
- CWE-476: NULL Pointer Dereference
CAPEC
References (20)
| URL | Tag | Source |
|---|---|---|
| http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 | X_refsource_confirm | |
| http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735 | X_refsource_confirm | |
| http://secunia.com/advisories/42787 | Third Party Advisory | |
| http://support.apple.com/kb/HT4435 | X_refsource_confirm |
|
| http://www.securityfocus.com/archive/1/515545/100/0/threaded | Mailing List | |
| http://www.securitytracker.com/id?1024221 | Vdb Entry | |
| http://www.vmware.com/security/advisories/VMSA-2011-0001.html | X_refsource_confirm | |
| http://www.vupen.com/english/advisories/2011/0025 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6570 | 2024-08-07 | |
| http://www.securityfocus.com/bid/41770 | 2024-08-07 |
| URL | Date | SRC |
|---|---|---|
| http://www.vupen.com/english/advisories/2010/1849 | 2018-10-10 |
| URL | Date | SRC |
|---|---|---|
| http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | 2018-10-10 | |
| http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html | 2018-10-10 | |
| http://secunia.com/advisories/40639 | 2018-10-10 | |
| http://secunia.com/advisories/40687 | 2018-10-10 | |
| http://security.gentoo.org/glsa/glsa-201406-36.xml | 2018-10-10 | |
| http://www.redhat.com/support/errata/RHSA-2010-0542.html | 2018-10-10 | |
| http://www.vupen.com/english/advisories/2010/1858 | 2018-10-10 | |
| https://access.redhat.com/security/cve/CVE-2010-0212 | 2010-07-20 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=605452 | 2010-07-20 |