CVE-2017-17740
ADVISORY - debianSummary
contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.
- openldap (unimportant) http://www.openldap.org/its/index.cgi/Incoming?id=8759 nops slapd-module not built
EPSS Score: 0.02071 (0.830)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Improper Restriction of Operations within the Bounds of a Memory Buffer
ADVISORY - redhat
Function Call with Incorrectly Specified Arguments
Debian
CREATED
UPDATED
ADVISORY IDCVE-2017-17740
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/Alow| Package | Type | OS Name | OS Version | Affected Ranges | Fix Versions |
|---|---|---|---|---|---|
| debian/openldap | deb | debian | 12 | >=2.5.13+dfsg-5 | Not yet available |
| debian/openldap | deb | debian | 13 | >=2.6.9+dfsg-2 | Not yet available |
| debian/openldap | deb | debian | 11 | >=2.4.57+dfsg-3+deb11u1 | Not yet available |
| debian/openldap | deb | debian | unstable | >=2.6.9+dfsg-2 | Not yet available |
Severity and metrics
No CVSS data available from this advisory.
NIST
CREATED
UPDATED
ADVISORY IDCVE-2017-17740
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
7.5highAlpine
CREATED
UPDATED
ADVISORY IDCVE-2017-17740
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2017-17740
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
7.5lowRed Hat
CREATED
UPDATED
ADVISORY IDCVE-2017-17740
EXPLOITABILITY SCORE
2.2
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)