QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2002-1378

Back to search

CVE-2002-1378

Published: Dec 17, 2002

Modified: Aug 8, 2024

PUBLISHED

Description

Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3) a malicious ldaptemplates.conf that causes an overflow in libldap, (4) a certain access control list that causes an overflow in slapd, or (5) a long generated filename for logging rejected replication requests.

VendorProductVersions

n/a

n/a

affected
n/a

References

6328
vdb-entry
x_refsource_BID
N-043
third-party-advisory
government-resource
x_refsource_CIAC
RHSA-2003:040
vendor-advisory
x_refsource_REDHAT
200212-12
vendor-advisory
x_refsource_GENTOO
TLSA-2003-5
vendor-advisory
x_refsource_TURBO
openldap-multiple-bo(10800)
vdb-entry
x_refsource_XF
SuSE-SA:2002:047
vendor-advisory
x_refsource_SUSE
MDKSA-2003:006
vendor-advisory
x_refsource_MANDRAKE
CLA-2002:556
vendor-advisory
x_refsource_CONECTIVA
DSA-227
vendor-advisory
x_refsource_DEBIAN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now