Total vulnerabilities in the database
slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned.
| Software | From | Fixed in |
|---|---|---|
| openldap / openldap | 2.4.17 | 2.4.17.x |
| openldap / openldap | 2.4.6 | 2.4.6.x |
| openldap / openldap | 2.4.11 | 2.4.11.x |
| openldap / openldap | 2.4.8 | 2.4.8.x |
| openldap / openldap | 2.4.26 | 2.4.26.x |
| openldap / openldap | - | 2.4.29.x |
| openldap / openldap | 2.4.9 | 2.4.9.x |
| openldap / openldap | 2.4.16 | 2.4.16.x |
| openldap / openldap | 2.4.22 | 2.4.22.x |
| openldap / openldap | 2.4.25 | 2.4.25.x |
| openldap / openldap | 2.4.20 | 2.4.20.x |
| openldap / openldap | 2.4.15 | 2.4.15.x |
| openldap / openldap | 2.4.18 | 2.4.18.x |
| openldap / openldap | 2.4.27 | 2.4.27.x |
| openldap / openldap | 2.4.7 | 2.4.7.x |
| openldap / openldap | 2.4.28 | 2.4.28.x |
| openldap / openldap | 2.4.23 | 2.4.23.x |
| openldap / openldap | 2.4.24 | 2.4.24.x |
| openldap / openldap | 2.4.14 | 2.4.14.x |
| openldap / openldap | 2.4.19 | 2.4.19.x |
| openldap / openldap | 2.4.12 | 2.4.12.x |
| openldap / openldap | 2.4.21 | 2.4.21.x |
| openldap / openldap | 2.4.13 | 2.4.13.x |
| openldap / openldap | 2.4.10 | 2.4.10.x |