CVE-2006-5779

🟡 Monitoruj

Przepełnienie bufora w OpenLDAP umożliwia zdalnym atakującym wywołanie awarii usługi.

CVSS

7.5

EPSS

43.4%

Exploit

poc

Vendor

canonical

Opis źródłowy (NVD)

OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure.

dos exploit Brak patcha

Źródła i daty

Źródło	Wartość
NVD – CVSS	7.5
CISA KEV (aktywnie wykorzystywane)	Nie
FIRST EPSS (prawdopodobieństwo exploita)	43.4%
Opublikowano (NVD)	2006-11-07 18:07:00 UTC
Ostatnia modyfikacja (NVD)	2026-04-23 00:35:47 UTC

Referencje

http://gleg.net/downloads/VULNDISCO_META_FREE.tar.gz (cve@mitre.org) [Broken Link, Exploit]
http://gleg.net/vulndisco_meta.shtml (cve@mitre.org) [Broken Link, Exploit]
http://secunia.com/advisories/22750 (cve@mitre.org) [Broken Link, Vendor Advisory]
http://secunia.com/advisories/22953 (cve@mitre.org) [Broken Link, Vendor Advisory]
http://secunia.com/advisories/22996 (cve@mitre.org) [Broken Link, Vendor Advisory]
http://secunia.com/advisories/23125 (cve@mitre.org) [Broken Link, Vendor Advisory]
http://secunia.com/advisories/23133 (cve@mitre.org) [Broken Link, Vendor Advisory]
http://secunia.com/advisories/23152 (cve@mitre.org) [Broken Link, Vendor Advisory]
http://secunia.com/advisories/23170 (cve@mitre.org) [Broken Link, Vendor Advisory]
http://security.gentoo.org/glsa/glsa-200611-25.xml (cve@mitre.org) [Third Party Advisory]
http://securityreason.com/securityalert/1831 (cve@mitre.org) [Broken Link]
http://securitytracker.com/id?1017166 (cve@mitre.org) [Broken Link, Exploit, Third Party Advisory, VDB Entry]
http://www.mandriva.com/security/advisories?name=MDKSA-2006:208 (cve@mitre.org) [Broken Link]
http://www.novell.com/linux/security/advisories/2006_72_openldap2.html (cve@mitre.org) [Broken Link]
http://www.openldap.org/its/index.cgi/Software%20Bugs?id=4740 (cve@mitre.org) [Exploit, Issue Tracking]
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.033-openldap.html (cve@mitre.org) [Broken Link]
http://www.securityfocus.com/archive/1/450728/100/0/threaded (cve@mitre.org) [Broken Link, Third Party Advisory, VDB Entry]
http://www.securityfocus.com/bid/20939 (cve@mitre.org) [Broken Link, Exploit, Third Party Advisory, VDB Entry]
http://www.trustix.org/errata/2006/0066/ (cve@mitre.org) [Broken Link]
http://www.ubuntu.com/usn/usn-384-1 (cve@mitre.org) [Third Party Advisory]
http://www.vupen.com/english/advisories/2006/4379 (cve@mitre.org) [Broken Link, Vendor Advisory]
https://exchange.xforce.ibmcloud.com/vulnerabilities/30076 (cve@mitre.org) [Third Party Advisory, VDB Entry]
https://issues.rpath.com/browse/RPL-820 (cve@mitre.org) [Broken Link]