TITLE: OpenLDAP BIND Denial of Service Vulnerability SECUNIA ADVISORY ID: SA22750 VERIFY ADVISORY: http://secunia.com/advisories/22750/ CRITICAL: Moderately critical IMPACT: DoS WHERE: From remote SOFTWARE: OpenLDAP 2.2.x http://secunia.com/product/5319/ OpenLDAP 2.1.x http://secunia.com/product/1831/ DESCRIPTION: Evgeny Legerov has reported a vulnerability in OpenLDAP, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing certain BIND requests. This can be exploited to cause a crash by sending specially crafted BIND requests to an OpenLDAP server. The vulnerability is reported in OpenLDAP version 2.2.29. Other versions may also be affected. SOLUTION: Restrict access to trusted people only. PROVIDED AND/OR DISCOVERED BY: Evgeny Legerov
*** This bug has been marked as a duplicate of 154349 ***