CVE-2007-5708

NameCVE-2007-5708
Descriptionslapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1541-1, DTSA-87-1
NVD severityhigh (attack range: remote)
Debian Bugs448644

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
openldap2.3source(unstable)2.3.39-1medium448644
openldap2.3sourceetch2.3.30-5+etch1highDSA-1541-1
openldap2.3sourcelenny2.3.38-1+lenny1highDTSA-87-1

Search for package or bug name: Reporting problems