Security alerts on OpenLDAP (CVE-2015-1545 / CVE-2015-1546) - openldap-devel - openldap.org

2021

January

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

Security alerts on OpenLDAP (CVE-2015-1545 / CVE-2015-1546)

Fwd: multiple sequential lmdb...

git.openldap.org (port 9418) (Name...

Clément OUDOT

Monday, 23 February 2015 Mon, 23 Feb '15

12:10 p.m.

Hi, I saw today two CVE on OpenLDAP: * http://vigilance.fr/vulnerability/OpenLDAP-NULL-pointer-dereference-via-d... * http://vigilance.fr/vulnerability/OpenLDAP-use-after-free-via-Matched-Val... Don't know if they are reported in some ITS. Clément OUDOT.

Reply

Show replies by date

Howard Chu

Monday, 23 February Mon, 23 Feb

4:36 p.m.

Clément OUDOT wrote:

Hi, I saw today two CVE on OpenLDAP: * http://vigilance.fr/vulnerability/OpenLDAP-NULL-pointer-dereference-via-d... * http://vigilance.fr/vulnerability/OpenLDAP-use-after-free-via-Matched-Val... Don't know if they are reported in some ITS.

That's because you're reading 2nd or 3rd-hand reports. Read the actual CVEs and you'll see that relevant ITSs already linked. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1545 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1546 Given that the deref overlay isn't even documented and is probably used by only a handful of OpenLDAP developers I don't believe it even merited a CVE record. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

Reply

Clément OUDOT

11:59 p.m.

2015-02-24 1:36 GMT+01:00 Howard Chu <hyc(a)symas.com>:

Clément OUDOT wrote: > > Hi, > > I saw today two CVE on OpenLDAP: > * > http://vigilance.fr/vulnerability/OpenLDAP-NULL-pointer-dereference-via-d... > * > http://vigilance.fr/vulnerability/OpenLDAP-use-after-free-via-Matched-Val... > > Don't know if they are reported in some ITS. That's because you're reading 2nd or 3rd-hand reports. Read the actual CVEs and you'll see that relevant ITSs already linked. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1545 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1546 Given that the deref overlay isn't even documented and is probably used by only a handful of OpenLDAP developers I don't believe it even merited a CVE record.

Agreed for the deref CVE, but I confirm that the matched values bug is present in 2.4.40 official version (and so in LTB packages). I saw that 2.4.41 was in preparation, any idea of a release date? Clément.

Reply

Michael Ströder

Tuesday, 24 February Tue, 24 Feb

1:47 a.m.

Howard Chu wrote:

Given that the deref overlay isn't even documented and is probably used by only a handful of OpenLDAP developers I don't believe it even merited a CVE record.

Hmm, not sure. Arthur de Jong implemented support for this control in nss-pam-ldapd a year ago [1] and IIRC also discussed it on the openldap-technical mailing list. Ciao, Michael. [1] http://arthurdejong.org/git/nss-pam-ldapd/tree/ChangeLog [..] 2014-01-05 Arthur de Jong <arthur(a)arthurdejong.org> * [c6c317e] : Implement deref control handling This uses the LDAP_CONTROL_X_DEREF control as described in draft-masarati-ldap-deref-00 to request the LDAP server to dereference group member attribute values to uid attribute values. [..]

Reply

2153

days inactive

2154

days old

openldap-devel@openldap.org

Manage subscription

3 comments

3 participants

tags (0)

participants (3)

Clément OUDOT
Howard Chu
Michael Ströder