CVE-2015-1545
Vulnerability from cvelistv5
Published
2015-02-12 16:00
Modified
2024-08-06 04:47
Severity ?
EPSS score ?
Summary
The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty attribute list in a deref control in a search request.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:47:16.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "72519",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72519"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openldap.org/devel/gitweb.cgi?p=openldap.git%3Ba=commit%3Bh=c32e74763f77675b9e144126e375977ed6dc562c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT204659"
},
{
"name": "openldap-cve20151545-dos(100937)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100937"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776988"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "DSA-3209",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3209"
},
{
"name": "APPLE-SA-2015-04-08-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
},
{
"name": "openSUSE-SU-2015:1325",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00069.html"
},
{
"name": "1032399",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032399"
},
{
"name": "MDVSA-2015:073",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:073"
},
{
"name": "MDVSA-2015:074",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:074"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openldap.org/its/?findid=8027"
},
{
"name": "62787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62787"
},
{
"name": "[oss-security] 20150207 Re: CVE request: two OpenLDAP DoS issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/07/3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT210788"
},
{
"name": "20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Dec/23"
},
{
"name": "20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Dec/26"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty attribute list in a deref control in a search request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-13T20:06:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "72519",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72519"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openldap.org/devel/gitweb.cgi?p=openldap.git%3Ba=commit%3Bh=c32e74763f77675b9e144126e375977ed6dc562c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT204659"
},
{
"name": "openldap-cve20151545-dos(100937)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100937"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776988"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "DSA-3209",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3209"
},
{
"name": "APPLE-SA-2015-04-08-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
},
{
"name": "openSUSE-SU-2015:1325",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00069.html"
},
{
"name": "1032399",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032399"
},
{
"name": "MDVSA-2015:073",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:073"
},
{
"name": "MDVSA-2015:074",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:074"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openldap.org/its/?findid=8027"
},
{
"name": "62787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62787"
},
{
"name": "[oss-security] 20150207 Re: CVE request: two OpenLDAP DoS issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/07/3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT210788"
},
{
"name": "20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Dec/23"
},
{
"name": "20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Dec/26"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1545",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty attribute list in a deref control in a search request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "72519",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72519"
},
{
"name": "http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=c32e74763f77675b9e144126e375977ed6dc562c",
"refsource": "CONFIRM",
"url": "http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=c32e74763f77675b9e144126e375977ed6dc562c"
},
{
"name": "https://support.apple.com/HT204659",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT204659"
},
{
"name": "openldap-cve20151545-dos(100937)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100937"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776988",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776988"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "DSA-3209",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3209"
},
{
"name": "APPLE-SA-2015-04-08-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
},
{
"name": "openSUSE-SU-2015:1325",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00069.html"
},
{
"name": "1032399",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032399"
},
{
"name": "MDVSA-2015:073",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:073"
},
{
"name": "MDVSA-2015:074",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:074"
},
{
"name": "http://www.openldap.org/its/?findid=8027",
"refsource": "CONFIRM",
"url": "http://www.openldap.org/its/?findid=8027"
},
{
"name": "62787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62787"
},
{
"name": "[oss-security] 20150207 Re: CVE request: two OpenLDAP DoS issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/02/07/3"
},
{
"name": "https://support.apple.com/kb/HT210788",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT210788"
},
{
"name": "20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Dec/23"
},
{
"name": "20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Dec/26"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1545",
"datePublished": "2015-02-12T16:00:00",
"dateReserved": "2015-02-07T00:00:00",
"dateUpdated": "2024-08-06T04:47:16.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2015-1545\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2015-02-12T16:59:06.143\",\"lastModified\":\"2024-11-21T02:25:37.720\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty attribute list in a deref control in a search request.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n deref_parseCtrl en servers/slapd/overlays/deref.c en OpenLDAP 2.4.13 hasta 2.4.40 permite a atacantes remotos causar una denegaci\u00f3n de servicio (referencia a puntero nulo y ca\u00edda) a trav\u00e9s de una lista de atributos vac\u00eda en un control de referencia en una solicitud de b\u00fasqueda.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E99FB859-D023-4B2B-A709-05E83A46E2A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D2EEBC7-1FAF-43E2-A124-C387C02D9E2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95D242E4-D5EB-4785-A6EF-60B1E8E2B0EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6FEDD9C-FDF7-456A-B06C-0A4A4443991D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9245CDE2-B90A-4D47-BA20-A7869FF0A645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB993E4D-E573-4495-97DE-465DDB2AA2DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0F106A3-63D5-4D07-9440-6628DBA78BE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36CC03BC-DF34-43CD-90B0-27D23A1DD06A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16C90FEE-527E-47F5-8840-517A55163D8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FAEA812-BB47-47A3-A975-B3B8D30DBA36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DE5D180-3972-40A0-ADAF-A4F3364D1381\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD76F376-00D8-4917-BF68-6EECC316C331\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7063C11-3BF5-4037-ADC3-0C7E9AF830B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAE258EA-1B57-4189-AD5A-7E2ACF223167\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C492F5F5-A6FD-4BED-890A-79254138CC0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6F7FDE8-2E54-4162-AA5F-D81253AAC8FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"693E3145-FDDB-4780-886B-6D7FC7B2C5B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BF32056-CC6A-4B2B-8FAA-F573445B9B99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93B99338-4A1A-4483-8308-49BCCB325C30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE652CE3-E16B-4062-8253-F3FB52A651EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A30ED6D-1DB8-4563-B131-1532F97F9694\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7764366D-29BB-4D75-A33C-7C17DA7496DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A38D99B-370E-430A-A657-CD9FF72D0863\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB3D3034-D938-402D-A02F-3F4005C438AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7D979A0-3214-4DC6-A838-0AD2444CA5FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25B3EF5D-7889-4206-838C-E932AFCBE15D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B20FA14-9F5B-425D-ACEF-A2348252C39A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43B01F94-261C-4718-A82D-28DAE9B67936\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2015-07/msg00069.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://seclists.org/fulldisclosure/2019/Dec/26\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/62787\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2015/dsa-3209\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2015:073\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2015:074\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openldap.org/devel/gitweb.cgi?p=openldap.git%3Ba=commit%3Bh=c32e74763f77675b9e144126e375977ed6dc562c\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openldap.org/its/?findid=8027\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/02/07/3\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/72519\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id/1032399\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776988\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/100937\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://seclists.org/bugtraq/2019/Dec/23\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://support.apple.com/HT204659\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://support.apple.com/kb/HT210788\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2015-07/msg00069.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/fulldisclosure/2019/Dec/26\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/62787\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2015/dsa-3209\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2015:073\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2015:074\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openldap.org/devel/gitweb.cgi?p=openldap.git%3Ba=commit%3Bh=c32e74763f77675b9e144126e375977ed6dc562c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openldap.org/its/?findid=8027\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/02/07/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/72519\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1032399\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776988\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/100937\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://seclists.org/bugtraq/2019/Dec/23\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT204659\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/kb/HT210788\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorComment\":\"\u003ca href=\\\"http://cwe.mitre.org/data/definitions/476.html\\\"\u003eCWE-476: NULL Pointer Dereference\u003c/a\u003e\",\"vendorComments\":[{\"organization\":\"openldap.org\",\"comment\":\"Note that the deref overlay is not enabled by default, so this vulnerability only affects sites that have explicitly configured their servers to load and enable the overlay. Since this overlay has never been documented, there are no sites outside of the OpenLDAP developer community with a legitimate reason to enable this module.\",\"lastModified\":\"2015-02-25T11:33:12.727\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.