CVE-2011-1081 (GCVE-0-2011-1081)

Vulnerability from cvelistv5 – Published: 2011-03-20 01:00 – Updated: 2024-08-06 22:14
VLAI?
Summary
modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service (daemon crash) via a relative Distinguished Name (DN) modification request (aka MODRDN operation) that contains an empty value for the OldDN field.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://security.gentoo.org/glsa/glsa-201406-36.xml vendor-advisoryx_refsource_GENTOO
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://openwall.com/lists/oss-security/2011/03/01/15 mailing-listx_refsource_MLIST
http://openwall.com/lists/oss-security/2011/03/01/11 mailing-listx_refsource_MLIST
http://www.openldap.org/its/index.cgi/Software%20… x_refsource_CONFIRM
http://www.openldap.org/lists/openldap-announce/2… mailing-listx_refsource_MLIST
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
https://bugzilla.novell.com/show_bug.cgi?id=674985 x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2011-03… vendor-advisoryx_refsource_REDHAT
http://openwall.com/lists/oss-security/2011/02/28/1 mailing-listx_refsource_MLIST
http://kb.juniper.net/InfoCenter/index?page=conte… x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
http://openwall.com/lists/oss-security/2011/02/28/2 mailing-listx_refsource_MLIST
http://secunia.com/advisories/43718 third-party-advisoryx_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-1100-1 vendor-advisoryx_refsource_UBUNTU
http://securitytracker.com/id?1025191 vdb-entryx_refsource_SECTRACK
http://www.vupen.com/english/advisories/2011/0665 vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/43331 third-party-advisoryx_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=680975 x_refsource_CONFIRM
http://www.openldap.org/devel/cvsweb.cgi/servers/… x_refsource_CONFIRM
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:14:27.830Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201406-36",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-36.xml"
          },
          {
            "name": "openldap-modrdnc-dos(66239)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66239"
          },
          {
            "name": "[oss-security] 20110301 Re: CVE Request -- OpenLDAP -- two issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/01/15"
          },
          {
            "name": "[oss-security] 20110301 Re: CVE Request -- OpenLDAP -- two issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/03/01/11"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6768"
          },
          {
            "name": "[openldap-announce] 20110212 OpenLDAP 2.4.24 available",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openldap.org/lists/openldap-announce/201102/msg00000.html"
          },
          {
            "name": "MDVSA-2011:056",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:056"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.novell.com/show_bug.cgi?id=674985"
          },
          {
            "name": "RHSA-2011:0347",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0347.html"
          },
          {
            "name": "[oss-security] 20110228 Re: CVE Request -- OpenLDAP -- two issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/02/28/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
          },
          {
            "name": "MDVSA-2011:055",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:055"
          },
          {
            "name": "[oss-security] 20110228 Re: CVE Request -- OpenLDAP -- two issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/02/28/2"
          },
          {
            "name": "43718",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43718"
          },
          {
            "name": "USN-1100-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1100-1"
          },
          {
            "name": "1025191",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1025191"
          },
          {
            "name": "ADV-2011-0665",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0665"
          },
          {
            "name": "43331",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43331"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680975"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/modrdn.c.diff?r1=1.170.2.8\u0026r2=1.170.2.9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-02-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service (daemon crash) via a relative Distinguished Name (DN) modification request (aka MODRDN operation) that contains an empty value for the OldDN field."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "GLSA-201406-36",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-36.xml"
        },
        {
          "name": "openldap-modrdnc-dos(66239)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66239"
        },
        {
          "name": "[oss-security] 20110301 Re: CVE Request -- OpenLDAP -- two issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/01/15"
        },
        {
          "name": "[oss-security] 20110301 Re: CVE Request -- OpenLDAP -- two issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/03/01/11"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6768"
        },
        {
          "name": "[openldap-announce] 20110212 OpenLDAP 2.4.24 available",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openldap.org/lists/openldap-announce/201102/msg00000.html"
        },
        {
          "name": "MDVSA-2011:056",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:056"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.novell.com/show_bug.cgi?id=674985"
        },
        {
          "name": "RHSA-2011:0347",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0347.html"
        },
        {
          "name": "[oss-security] 20110228 Re: CVE Request -- OpenLDAP -- two issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/02/28/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
        },
        {
          "name": "MDVSA-2011:055",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:055"
        },
        {
          "name": "[oss-security] 20110228 Re: CVE Request -- OpenLDAP -- two issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/02/28/2"
        },
        {
          "name": "43718",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43718"
        },
        {
          "name": "USN-1100-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1100-1"
        },
        {
          "name": "1025191",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1025191"
        },
        {
          "name": "ADV-2011-0665",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0665"
        },
        {
          "name": "43331",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43331"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680975"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/modrdn.c.diff?r1=1.170.2.8\u0026r2=1.170.2.9"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-1081",
    "datePublished": "2011-03-20T01:00:00",
    "dateReserved": "2011-02-24T00:00:00",
    "dateUpdated": "2024-08-06T22:14:27.830Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openldap:openldap:2.4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5EC66226-A597-4A4C-932F-F4A7BAE119C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openldap:openldap:2.4.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4AEABC84-7B67-4FD4-A891-E52C80DC881E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openldap:openldap:2.4.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"340F673A-295E-4B75-A9D1-E785B0440BE6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openldap:openldap:2.4.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49203E99-71E2-49D4-91A0-65AAAA7DC18F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openldap:openldap:2.4.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"473AEC48-FBBF-4BEB-8728-1FA80DD94807\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openldap:openldap:2.4.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B0415EA-5F21-44C3-93F3-DDADBAA64449\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openldap:openldap:2.4.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16AFC655-E81F-4FDE-8030-9781A8B79E73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openldap:openldap:2.4.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E99FB859-D023-4B2B-A709-05E83A46E2A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openldap:openldap:2.4.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D2EEBC7-1FAF-43E2-A124-C387C02D9E2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openldap:openldap:2.4.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"95D242E4-D5EB-4785-A6EF-60B1E8E2B0EC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openldap:openldap:2.4.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6FEDD9C-FDF7-456A-B06C-0A4A4443991D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openldap:openldap:2.4.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9245CDE2-B90A-4D47-BA20-A7869FF0A645\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openldap:openldap:2.4.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB993E4D-E573-4495-97DE-465DDB2AA2DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openldap:openldap:2.4.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0F106A3-63D5-4D07-9440-6628DBA78BE5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openldap:openldap:2.4.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36CC03BC-DF34-43CD-90B0-27D23A1DD06A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openldap:openldap:2.4.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16C90FEE-527E-47F5-8840-517A55163D8E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openldap:openldap:2.4.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0FAEA812-BB47-47A3-A975-B3B8D30DBA36\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openldap:openldap:2.4.23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DE5D180-3972-40A0-ADAF-A4F3364D1381\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service (daemon crash) via a relative Distinguished Name (DN) modification request (aka MODRDN operation) that contains an empty value for the OldDN field.\"}, {\"lang\": \"es\", \"value\": \"modrdn.c en slapd en OpenLDAP v2.4.x anterior a v2.4.24 permite a atacantes remotos provocar una denegaci\\u00f3n de servicio (ca\\u00edda de demonio) mediante una petici\\u00f3n de modificaci\\u00f3n del nombre completo relativo (DN) (tambi\\u00e9n conocido como operaci\\u00f3n MODRDN) que contiene un valor vac\\u00edo para el campo OldDN.\"}]",
      "id": "CVE-2011-1081",
      "lastModified": "2024-11-21T01:25:28.773",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2011-03-20T02:00:04.143",
      "references": "[{\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/02/28/1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/02/28/2\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/01/11\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/01/15\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/43331\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/43718\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://security.gentoo.org/glsa/glsa-201406-36.xml\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://securitytracker.com/id?1025191\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2011:055\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2011:056\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/modrdn.c.diff?r1=1.170.2.8\u0026r2=1.170.2.9\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6768\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.openldap.org/lists/openldap-announce/201102/msg00000.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2011-0347.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-1100-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0665\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.novell.com/show_bug.cgi?id=674985\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=680975\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\", \"Patch\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/66239\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/02/28/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/02/28/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/01/11\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/01/15\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/43331\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/43718\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://security.gentoo.org/glsa/glsa-201406-36.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1025191\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2011:055\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2011:056\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/modrdn.c.diff?r1=1.170.2.8\u0026r2=1.170.2.9\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6768\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openldap.org/lists/openldap-announce/201102/msg00000.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2011-0347.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-1100-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0665\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.novell.com/show_bug.cgi?id=674985\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=680975\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/66239\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-399\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-1081\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2011-03-20T02:00:04.143\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service (daemon crash) via a relative Distinguished Name (DN) modification request (aka MODRDN operation) that contains an empty value for the OldDN field.\"},{\"lang\":\"es\",\"value\":\"modrdn.c en slapd en OpenLDAP v2.4.x anterior a v2.4.24 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de demonio) mediante una petici\u00f3n de modificaci\u00f3n del nombre completo relativo (DN) (tambi\u00e9n conocido como operaci\u00f3n MODRDN) que contiene un valor vac\u00edo para el campo OldDN.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EC66226-A597-4A4C-932F-F4A7BAE119C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AEABC84-7B67-4FD4-A891-E52C80DC881E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"340F673A-295E-4B75-A9D1-E785B0440BE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49203E99-71E2-49D4-91A0-65AAAA7DC18F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"473AEC48-FBBF-4BEB-8728-1FA80DD94807\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B0415EA-5F21-44C3-93F3-DDADBAA64449\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16AFC655-E81F-4FDE-8030-9781A8B79E73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E99FB859-D023-4B2B-A709-05E83A46E2A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D2EEBC7-1FAF-43E2-A124-C387C02D9E2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95D242E4-D5EB-4785-A6EF-60B1E8E2B0EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6FEDD9C-FDF7-456A-B06C-0A4A4443991D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9245CDE2-B90A-4D47-BA20-A7869FF0A645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB993E4D-E573-4495-97DE-465DDB2AA2DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0F106A3-63D5-4D07-9440-6628DBA78BE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36CC03BC-DF34-43CD-90B0-27D23A1DD06A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16C90FEE-527E-47F5-8840-517A55163D8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FAEA812-BB47-47A3-A975-B3B8D30DBA36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openldap:openldap:2.4.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DE5D180-3972-40A0-ADAF-A4F3364D1381\"}]}]}],\"references\":[{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/02/28/1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/02/28/2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/01/11\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/01/15\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/43331\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/43718\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-201406-36.xml\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://securitytracker.com/id?1025191\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:055\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:056\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/modrdn.c.diff?r1=1.170.2.8\u0026r2=1.170.2.9\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6768\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openldap.org/lists/openldap-announce/201102/msg00000.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0347.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1100-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0665\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.novell.com/show_bug.cgi?id=674985\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=680975\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/66239\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/02/28/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/02/28/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/01/11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/01/15\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/43331\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/43718\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-201406-36.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1025191\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:055\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:056\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/modrdn.c.diff?r1=1.170.2.8\u0026r2=1.170.2.9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6768\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openldap.org/lists/openldap-announce/201102/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0347.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1100-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0665\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.novell.com/show_bug.cgi?id=674985\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=680975\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/66239\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.