From secunia security advisory at $URL:
The vulnerability is caused due to an assertion error when processing certain search results and can be exploited via a LDAP search request with "attrsOnly" set to true (e.g. ldapsearch -A).
Successful exploitation requires a proxy server configured to use both a relay backend and a translucent overlay.
The vulnerability is reported in versions prior to 2.4.30.
Update to version 2.4.30.
in tree and ready for stabilization.
target keywords: alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86
ppc and ppc64 done
Stable for HPPA.
Thanks, everyone. GLSA Vote: yes.
GLSA vote: yes.
Adding to existing GLSA draft.
slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of
service (assertion failure and daemon exit) via an LDAP search query with
attrsOnly set to true, which causes empty attributes to be returned.
@maintainers, cleanup or mask vulnerable versions, please
Maintainer(s), Thank you for cleanup!
This issue was resolved and addressed in
GLSA 201406-36 at http://security.gentoo.org/glsa/glsa-201406-36.xml
by GLSA coordinator Yury German (BlueKnight).