cvelistv5 - cve-2007-5708

CVE-2007-5708 (GCVE-0-2007-5708)

Vulnerability from cvelistv5

Published

2007-10-30 19:00

Modified

2024-08-07 15:39

Severity ?

CWE

Summary

slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated.

References

URL

Tags

	http://secunia.com/advisories/27683	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDVSA-2008:058	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/29461	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/29225	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/29682	third-party-advisory, x_refsource_SECUNIA
	http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5163	x_refsource_MISC
	http://secunia.com/advisories/27756	third-party-advisory, x_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-200803-28.xml	vendor-advisory, x_refsource_GENTOO
	http://www.debian.org/security/2008/dsa-1541	vendor-advisory, x_refsource_DEBIAN
	http://www.novell.com/linux/security/advisories/2007_24_sr.html	vendor-advisory, x_refsource_SUSE
	http://www.openldap.org/lists/openldap-announce/200710/msg00001.html	mailing-list, x_refsource_MLIST
	http://secunia.com/advisories/27424	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/usn-551-1	vendor-advisory, x_refsource_UBUNTU
	http://www.vupen.com/english/advisories/2007/3645	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/26245	vdb-entry, x_refsource_BID
	http://www.redhat.com/archives/fedora-package-announce/2007-November/msg00460.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/27868	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:39:13.616Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "27683",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27683"
          },
          {
            "name": "MDVSA-2008:058",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058"
          },
          {
            "name": "29461",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29461"
          },
          {
            "name": "29225",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29225"
          },
          {
            "name": "29682",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29682"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5163"
          },
          {
            "name": "27756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27756"
          },
          {
            "name": "GLSA-200803-28",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200803-28.xml"
          },
          {
            "name": "DSA-1541",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1541"
          },
          {
            "name": "SUSE-SR:2007:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
          },
          {
            "name": "[openldap-announce] 20071026 OpenLDAP 2.3.39 available",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openldap.org/lists/openldap-announce/200710/msg00001.html"
          },
          {
            "name": "27424",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27424"
          },
          {
            "name": "USN-551-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-551-1"
          },
          {
            "name": "ADV-2007-3645",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3645"
          },
          {
            "name": "26245",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26245"
          },
          {
            "name": "FEDORA-2007-741",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-package-announce/2007-November/msg00460.html"
          },
          {
            "name": "27868",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27868"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-10-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-11-22T19:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "27683",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27683"
        },
        {
          "name": "MDVSA-2008:058",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058"
        },
        {
          "name": "29461",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29461"
        },
        {
          "name": "29225",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29225"
        },
        {
          "name": "29682",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29682"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5163"
        },
        {
          "name": "27756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27756"
        },
        {
          "name": "GLSA-200803-28",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200803-28.xml"
        },
        {
          "name": "DSA-1541",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1541"
        },
        {
          "name": "SUSE-SR:2007:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
        },
        {
          "name": "[openldap-announce] 20071026 OpenLDAP 2.3.39 available",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openldap.org/lists/openldap-announce/200710/msg00001.html"
        },
        {
          "name": "27424",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27424"
        },
        {
          "name": "USN-551-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-551-1"
        },
        {
          "name": "ADV-2007-3645",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3645"
        },
        {
          "name": "26245",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26245"
        },
        {
          "name": "FEDORA-2007-741",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-package-announce/2007-November/msg00460.html"
        },
        {
          "name": "27868",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27868"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-5708",
    "datePublished": "2007-10-30T19:00:00.000Z",
    "dateReserved": "2007-10-30T00:00:00.000Z",
    "dateUpdated": "2024-08-07T15:39:13.616Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2007-AVI-460

Vulnerability from certfr_avis

Plusieurs vulnérabilités permettent à un utilisateur malveillant de provoquer un déni de service à distance.

Description

Plusieurs vulnérabilités affectent OpenLDAP :

la fonction add_filter_attrs() ne gère pas correctement la fin de certaines chaînes de caractères. Ce défaut permet à un utilisateur malveillant de provoquer un déni de service à distance par épuisement de la mémoire ;
les données entrées par l'utilisateur pour l'attribut objectClasses ne sont pas normalisées de manière assez stricte. Ceci permet à un utilisateur malveillant de provoquer un arrêt inopiné du serveur, à distance.

Solution

La version 2.3.39 corrige ces problèmes. Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

OpenLDAP, versions antérieures à la version 2.3.39.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de révision 2.3.39 d'OpenLDAP	None	vendor-advisory
Site du projet OpenLDAP :	-	other
Site de téléchargement du projet OpenLDAP :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eOpenLDAP, versions ant\u00e9rieures \u00e0 la version 2.3.39.\u003c/P\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s affectent OpenLDAP :\n\n-   la fonction add_filter_attrs() ne g\u00e8re pas correctement la fin de\n    certaines cha\u00eenes de caract\u00e8res. Ce d\u00e9faut permet \u00e0 un utilisateur\n    malveillant de provoquer un d\u00e9ni de service \u00e0 distance par\n    \u00e9puisement de la m\u00e9moire ;\n-   les donn\u00e9es entr\u00e9es par l\u0027utilisateur pour l\u0027attribut objectClasses\n    ne sont pas normalis\u00e9es de mani\u00e8re assez stricte. Ceci permet \u00e0 un\n    utilisateur malveillant de provoquer un arr\u00eat inopin\u00e9 du serveur, \u00e0\n    distance.\n\n## Solution\n\nLa version 2.3.39 corrige ces probl\u00e8mes. Se r\u00e9f\u00e9rer au bulletin de\ns\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section\nDocumentation).\n",
  "cves": [
    {
      "name": "CVE-2007-5708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5708"
    },
    {
      "name": "CVE-2007-5707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5707"
    }
  ],
  "initial_release_date": "2007-10-29T00:00:00",
  "last_revision_date": "2007-10-29T00:00:00",
  "links": [
    {
      "title": "Site du projet OpenLDAP :",
      "url": "http://www.openldap.org/software/release/changes.html"
    },
    {
      "title": "Site de t\u00e9l\u00e9chargement du projet OpenLDAP :",
      "url": "http://www.openldap.org/software/download/"
    }
  ],
  "reference": "CERTA-2007-AVI-460",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-10-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s permettent \u00e0 un utilisateur malveillant de\nprovoquer un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans OpenLDAP",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de r\u00e9vision 2.3.39 d\u0027OpenLDAP",
      "url": null
    }
  ]
}

CERTA-2008-AVI-081

Vulnerability from certfr_avis

Une vulnérabilité dans OpenLDAP permet à un utilisateur malveillant d'exécuter du code arbitraire à distance.

Description

La fonction modrdn sert à modifier les noms relatifs (RDN ou Relative Distinguished Name). Une erreur dans cette fonction est exploitable par un utilisateur malveillant pour exécuter du code arbitraire à distance sur un serveur vulnérable.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

OpenLDAP, versions 2.3.x.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-584-1 du 05 mars 2008 :	-	other
Site de téléchargement du projet OpenLDAP :	-	other
Bulletin de sécurité RedHat RHSA-2008:0110-3 du 21 février 2008 :	-	other
Bulletin de sécurité Debian DSA 1541-1 du 08 avril 2008 :	-	other
Bulletin de sécurité Gentoo GLSA-200803-28 du 19 mars 2008 :	-	other
Bulletin de sécurité Mandriva MDKSA-2008:058 du 05 mars 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cSPAN class=\"textit\"\u003eOpenLDAP\u003c/SPAN\u003e,  versions 2.3.x.",
  "content": "## Description\n\nLa fonction modrdn sert \u00e0 modifier les noms relatifs (RDN ou Relative\nDistinguished Name). Une erreur dans cette fonction est exploitable par\nun utilisateur malveillant pour ex\u00e9cuter du code arbitraire \u00e0 distance\nsur un serveur vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-5708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5708"
    },
    {
      "name": "CVE-2007-6698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6698"
    },
    {
      "name": "CVE-2007-5707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5707"
    },
    {
      "name": "CVE-2008-0658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0658"
    }
  ],
  "initial_release_date": "2008-02-13T00:00:00",
  "last_revision_date": "2008-02-13T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-584-1 du 05 mars 2008 :",
      "url": "http://www.ubuntulinux.org/usn/usn-584-1"
    },
    {
      "title": "Site de t\u00e9l\u00e9chargement du projet OpenLDAP :",
      "url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2008:0110-3 du 21 f\u00e9vrier    2008 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2008-0110-3.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 1541-1 du 08 avril 2008 :",
      "url": "http://lists.debian.org/debian-security-announce/2008/msg00111.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200803-28 du 19 mars 2008    :",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200803-28.xml"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2008:058 du 05 mars    2008 :",
      "url": "http://www.mandriva.com/archives/security/advisories"
    }
  ],
  "reference": "CERTA-2008-AVI-081",
  "revisions": [
    {
      "description": "ajout des r\u00e9f\u00e9rences Debian, Gentoo, Mandriva, Redhat, Ubuntu.",
      "revision_date": "2008-02-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans \u003cspan class=\"textit\"\u003eOpenLDAP\u003c/span\u003e permet \u00e0 un\nutilisateur malveillant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans OpenLDAP",
  "vendor_advisories": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2007-5708 (GCVE-0-2007-5708)

Vulnerability from cvelistv5

CERTA-2007-AVI-460

Vulnerability from certfr_avis

Description

Solution

CERTA-2008-AVI-081

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature