ID CVE-2015-1545
Summary <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL Pointer Dereference</a>
References
Vulnerable Configurations
  • cpe:2.3:a:openldap:openldap:2.4.13:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.13:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.14:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.14:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.15:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.15:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.16:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.16:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.17:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.17:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.18:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.18:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.19:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.19:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.20:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.20:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.21:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.21:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.22:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.22:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.23:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.23:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.24:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.24:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.25:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.25:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.26:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.26:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.27:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.27:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.28:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.28:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.29:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.29:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.30:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.30:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.31:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.31:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.32:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.32:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.33:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.33:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.34:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.34:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.35:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.35:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.36:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.36:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.37:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.37:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.38:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.38:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.39:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.39:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.4.40:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.4.40:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 08-09-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
assigner via4 cve@mitre.org
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
non_vulnerable_configuration via4
    refmap via4
    apple APPLE-SA-2015-04-08-2
    bid 72519
    confirm
    debian DSA-3209
    mandriva
    • MDVSA-2015:073
    • MDVSA-2015:074
    mlist [oss-security] 20150207 Re: CVE request: two OpenLDAP DoS issues
    sectrack 1032399
    secunia 62787
    suse openSUSE-SU-2015:1325
    xf openldap-cve20151545-dos(100937)
    statements via4
    contributor openldap.org
    lastmodified 2015-02-25
    organization openldap.org
    statement Note that the deref overlay is not enabled by default, so this vulnerability only affects sites that have explicitly configured their servers to load and enable the overlay. Since this overlay has never been documented, there are no sites outside of the OpenLDAP developer community with a legitimate reason to enable this module.
    vulnerable_product via4
    • cpe:2.3:a:openldap:openldap:2.4.13:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.14:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.15:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.16:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.17:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.18:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.19:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.20:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.21:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.22:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.23:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.24:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.25:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.26:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.27:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.28:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.29:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.30:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.31:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.32:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.33:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.34:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.35:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.36:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.37:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.38:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.39:*:*:*:*:*:*:*
    • cpe:2.3:a:openldap:openldap:2.4.40:*:*:*:*:*:*:*
    Last major update 08-09-2017 - 01:29
    Published 12-02-2015 - 16:59
    Back to Top