Oval Definition:oval:org.opensuse.security:def:20100211
Revision Date:2022-05-20Version:1
Title:CVE-2010-0211
Description:

The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2010-0211
Mitre CVE-2010-0211
SUSE CVE-2010-0211
openSUSE-SU-2010:0427-1
openSUSE-SU-2010:0427-1
openSUSE-SU-2010:0546-1
openSUSE-SU-2010:0546-1
openSUSE-SU-2010:0547-1
openSUSE-SU-2010:0547-1
SUSE-SR:2010:014
SUSE-SR:2010:014
SUSE-SR:2010:016
SUSE-SR:2010:016
Platform(s):Open Enterprise Server
openSUSE 11.0
openSUSE 11.1
openSUSE 11.2
SUSE CORE 9 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP3 for x86
SUSE Linux Enterprise Desktop 11 GA
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise SDK 10 SP3
SUSE Linux Enterprise SDK 11 GA
SUSE Linux Enterprise Server 10 SP3
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 GA
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1-TERADATA
SUSE Linux Enterprise Server for SAP 10 SP3
SUSE Linux Enterprise Server for SAP Applications 11
SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA
SUSE Linux Enterprise Software Development Kit 11 SP1
Product(s):
Definition Synopsis
  • Release Information
  • sles10-sp3 is installed
  • AND
  • openldap2-back-meta less than 2.3.32-0.37.1
  • OR openldap2-back-perl less than 2.3.32-0.37.1
  • OR openldap2-client-32bit less than 2.3.32-0.37.1
  • OR openldap2-client-64bit less than 2.3.32-0.37.1
  • OR openldap2-client-x86 less than 2.3.32-0.37.1
  • OR openldap2-client less than 2.3.32-0.37.1
  • OR openldap2-devel-32bit less than 2.3.32-0.37.1
  • OR openldap2-devel-64bit less than 2.3.32-0.37.1
  • OR openldap2-devel less than 2.3.32-0.37.1
  • OR openldap2 less than 2.3.32-0.37.1
  • OR Package Information
  • sles10-sp3-sap is installed
  • AND
  • openldap2-back-meta less than 2.3.32-0.37.1
  • OR openldap2-back-perl less than 2.3.32-0.37.1
  • OR openldap2-client-32bit less than 2.3.32-0.37.1
  • OR openldap2-client less than 2.3.32-0.37.1
  • OR openldap2-devel-32bit less than 2.3.32-0.37.1
  • OR openldap2-devel less than 2.3.32-0.37.1
  • OR openldap2 less than 2.3.32-0.37.1
  • OR Package Information
  • sles10-sp3-sdk is installed
  • AND
  • openldap2-back-meta less than 2.3.32-0.37.1
  • OR openldap2-back-perl less than 2.3.32-0.37.1
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 is installed
  • AND Package Information
  • libldap-2_4-2-2.4.12-7.19.1 is installed
  • OR libldap-2_4-2-32bit-2.4.12-7.19.1 is installed
  • OR libldap-2_4-2-x86-2.4.12-7.19.1 is installed
  • OR openldap2-2.4.12-7.19.1 is installed
  • OR openldap2-back-meta-2.4.12-7.19.1 is installed
  • OR openldap2-client-2.4.12-7.19.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 is installed
  • AND
  • libldap-2_4-2-2.4.12-7.19 is installed
  • OR libldap-2_4-2-32bit-2.4.12-7.19 is installed
  • OR libldap-2_4-2-x86-2.4.12-7.19 is installed
  • OR openldap2-2.4.12-7.19 is installed
  • OR openldap2-back-meta-2.4.12-7.19 is installed
  • OR openldap2-client-2.4.12-7.19 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • AND
  • libldap-2_4-2-2.4.20-0.5 is installed
  • OR libldap-2_4-2-32bit-2.4.20-0.5 is installed
  • OR libldap-2_4-2-x86-2.4.20-0.5 is installed
  • OR openldap2-2.4.20-0.5 is installed
  • OR openldap2-back-meta-2.4.20-0.5 is installed
  • OR openldap2-client-2.4.20-0.5 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 is installed
  • AND
  • libldap-2_4-2-2.4.12-7.19 is installed
  • OR libldap-2_4-2-32bit-2.4.12-7.19 is installed
  • OR libldap-2_4-2-x86-2.4.12-7.19 is installed
  • OR openldap2-2.4.12-7.19 is installed
  • OR openldap2-back-meta-2.4.12-7.19 is installed
  • OR openldap2-client-2.4.12-7.19 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • AND
  • libldap-2_4-2-2.4.20-0.5 is installed
  • OR libldap-2_4-2-32bit-2.4.20-0.5 is installed
  • OR libldap-2_4-2-x86-2.4.20-0.5 is installed
  • OR openldap2-2.4.20-0.5 is installed
  • OR openldap2-back-meta-2.4.20-0.5 is installed
  • OR openldap2-client-2.4.20-0.5 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 is installed
  • AND
  • libldap-2_4-2-2.4.12-7.19 is installed
  • OR libldap-2_4-2-32bit-2.4.12-7.19 is installed
  • OR libldap-2_4-2-x86-2.4.12-7.19 is installed
  • OR openldap2-2.4.12-7.19 is installed
  • OR openldap2-back-meta-2.4.12-7.19 is installed
  • OR openldap2-client-2.4.12-7.19 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • AND
  • libldap-2_4-2-2.4.20-0.5 is installed
  • OR libldap-2_4-2-32bit-2.4.20-0.5 is installed
  • OR libldap-2_4-2-x86-2.4.20-0.5 is installed
  • OR openldap2-2.4.20-0.5 is installed
  • OR openldap2-back-meta-2.4.20-0.5 is installed
  • OR openldap2-client-2.4.20-0.5 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed
  • AND
  • libldap-2_4-2-2.4.20-0.5 is installed
  • OR libldap-2_4-2-32bit-2.4.20-0.5 is installed
  • OR openldap2-2.4.20-0.5 is installed
  • OR openldap2-back-meta-2.4.20-0.5 is installed
  • OR openldap2-client-2.4.20-0.5 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 is installed
  • AND
  • libldap-2_4-2-2.4.12-7.19.1 is installed
  • OR libldap-2_4-2-32bit-2.4.12-7.19.1 is installed
  • OR libldap-2_4-2-x86-2.4.12-7.19.1 is installed
  • OR openldap2-2.4.12-7.19.1 is installed
  • OR openldap2-back-meta-2.4.12-7.19.1 is installed
  • OR openldap2-client-2.4.12-7.19.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • AND
  • libldap-2_4-2-2.4.20-0.5.1 is installed
  • OR libldap-2_4-2-32bit-2.4.20-0.5.1 is installed
  • OR libldap-2_4-2-x86-2.4.20-0.5.1 is installed
  • OR openldap2-2.4.20-0.5.1 is installed
  • OR openldap2-back-meta-2.4.20-0.5.1 is installed
  • OR openldap2-client-2.4.20-0.5.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • AND
  • libldap-2_4-2-2.4.20-0.5.1 is installed
  • OR libldap-2_4-2-32bit-2.4.20-0.5.1 is installed
  • OR openldap2-2.4.20-0.5.1 is installed
  • OR openldap2-back-meta-2.4.20-0.5.1 is installed
  • OR openldap2-client-2.4.20-0.5.1 is installed
    • BACK