CVE-2011-1081
OpenLDAP 2.4.x - 'modrdn' NULL OldDN Remote Denial of Service
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service (daemon crash) via a relative Distinguished Name (DN) modification request (aka MODRDN operation) that contains an empty value for the OldDN field.
modrdn.c en slapd en OpenLDAP v2.4.x anterior a v2.4.24 permite a atacantes remotos provocar una denegación de servicio (caída de demonio) mediante una petición de modificación del nombre completo relativo (DN) (también conocido como operación MODRDN) que contiene un valor vacío para el campo OldDN.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-01-03 First Exploit
- 2011-02-24 CVE Reserved
- 2011-03-20 CVE Published
- 2024-07-03 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-399: Resource Management Errors
CAPEC
References (22)
| URL | Tag | Source |
|---|---|---|
| http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 | X_refsource_confirm | |
| http://openwall.com/lists/oss-security/2011/02/28/1 | Mailing List | |
| http://openwall.com/lists/oss-security/2011/03/01/11 | Mailing List | |
| http://openwall.com/lists/oss-security/2011/03/01/15 | Mailing List | |
| http://secunia.com/advisories/43718 | Third Party Advisory | |
| http://securitytracker.com/id?1025191 | Vdb Entry | |
| http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6768 | X_refsource_confirm | |
| https://bugzilla.novell.com/show_bug.cgi?id=674985 | X_refsource_confirm | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/66239 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/35445 | 2011-01-03 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=680975 | 2024-08-06 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/43331 | 2017-08-17 | |
| http://security.gentoo.org/glsa/glsa-201406-36.xml | 2017-08-17 | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2011:055 | 2017-08-17 | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2011:056 | 2017-08-17 | |
| http://www.redhat.com/support/errata/RHSA-2011-0347.html | 2017-08-17 | |
| http://www.ubuntu.com/usn/USN-1100-1 | 2017-08-17 | |
| http://www.vupen.com/english/advisories/2011/0665 | 2017-08-17 | |
| https://access.redhat.com/security/cve/CVE-2011-1081 | 2011-03-10 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Openldap Search vendor "Openldap" | Openldap Search vendor "Openldap" for product "Openldap" | 2.4.6 Search vendor "Openldap" for product "Openldap" and version "2.4.6" | - |
Affected
| ||||||
| Openldap Search vendor "Openldap" | Openldap Search vendor "Openldap" for product "Openldap" | 2.4.7 Search vendor "Openldap" for product "Openldap" and version "2.4.7" | - |
Affected
| ||||||
| Openldap Search vendor "Openldap" | Openldap Search vendor "Openldap" for product "Openldap" | 2.4.8 Search vendor "Openldap" for product "Openldap" and version "2.4.8" | - |
Affected
| ||||||
| Openldap Search vendor "Openldap" | Openldap Search vendor "Openldap" for product "Openldap" | 2.4.9 Search vendor "Openldap" for product "Openldap" and version "2.4.9" | - |
Affected
| ||||||
| Openldap Search vendor "Openldap" | Openldap Search vendor "Openldap" for product "Openldap" | 2.4.10 Search vendor "Openldap" for product "Openldap" and version "2.4.10" | - |
Affected
| ||||||
| Openldap Search vendor "Openldap" | Openldap Search vendor "Openldap" for product "Openldap" | 2.4.11 Search vendor "Openldap" for product "Openldap" and version "2.4.11" | - |
Affected
| ||||||
| Openldap Search vendor "Openldap" | Openldap Search vendor "Openldap" for product "Openldap" | 2.4.12 Search vendor "Openldap" for product "Openldap" and version "2.4.12" | - |
Affected
| ||||||
| Openldap Search vendor "Openldap" | Openldap Search vendor "Openldap" for product "Openldap" | 2.4.13 Search vendor "Openldap" for product "Openldap" and version "2.4.13" | - |
Affected
| ||||||
| Openldap Search vendor "Openldap" | Openldap Search vendor "Openldap" for product "Openldap" | 2.4.14 Search vendor "Openldap" for product "Openldap" and version "2.4.14" | - |
Affected
| ||||||
| Openldap Search vendor "Openldap" | Openldap Search vendor "Openldap" for product "Openldap" | 2.4.15 Search vendor "Openldap" for product "Openldap" and version "2.4.15" | - |
Affected
| ||||||
| Openldap Search vendor "Openldap" | Openldap Search vendor "Openldap" for product "Openldap" | 2.4.16 Search vendor "Openldap" for product "Openldap" and version "2.4.16" | - |
Affected
| ||||||
| Openldap Search vendor "Openldap" | Openldap Search vendor "Openldap" for product "Openldap" | 2.4.17 Search vendor "Openldap" for product "Openldap" and version "2.4.17" | - |
Affected
| ||||||
| Openldap Search vendor "Openldap" | Openldap Search vendor "Openldap" for product "Openldap" | 2.4.18 Search vendor "Openldap" for product "Openldap" and version "2.4.18" | - |
Affected
| ||||||
| Openldap Search vendor "Openldap" | Openldap Search vendor "Openldap" for product "Openldap" | 2.4.19 Search vendor "Openldap" for product "Openldap" and version "2.4.19" | - |
Affected
| ||||||
| Openldap Search vendor "Openldap" | Openldap Search vendor "Openldap" for product "Openldap" | 2.4.20 Search vendor "Openldap" for product "Openldap" and version "2.4.20" | - |
Affected
| ||||||
| Openldap Search vendor "Openldap" | Openldap Search vendor "Openldap" for product "Openldap" | 2.4.21 Search vendor "Openldap" for product "Openldap" and version "2.4.21" | - |
Affected
| ||||||
| Openldap Search vendor "Openldap" | Openldap Search vendor "Openldap" for product "Openldap" | 2.4.22 Search vendor "Openldap" for product "Openldap" and version "2.4.22" | - |
Affected
| ||||||
| Openldap Search vendor "Openldap" | Openldap Search vendor "Openldap" for product "Openldap" | 2.4.23 Search vendor "Openldap" for product "Openldap" and version "2.4.23" | - |
Affected
| ||||||