158915 – <net-nds/openldap-2.3.31 buffer overflow

Bug 158915 - <net-nds/openldap-2.3.31 buffer overflow

Summary: <net-nds/openldap-2.3.31 buffer overflow

Status:	RESOLVED INVALID

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2006-12-23 07:10 UTC by Markus Ullmann (RETIRED)
Modified:	2006-12-26 22:24 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Markus Ullmann (RETIRED) gentoo-dev

2006-12-23 07:10:03 UTC

From upstream ChangeLog

Fixed slapd kbind buffer overflow condition (ITS#4775)

Though I can't view the ticket in upstreams tracker and got no response on irc, so can't say something about severity. But as bind is like authentication, it might be something serious

Comment 1 Markus Ullmann (RETIRED) gentoo-dev

2006-12-23 08:22:38 UTC

well I got further note from an upstream maintainer now. This is just code provided in the tarball, it isn't compiled in our env, so INVALIDating it