CVE-2008-2952

EPSS 55.3%

openldap - denial of service

Published: 7/1/2008Modified: 4/28/2026

Description

liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams that trigger an assertion error.

Affected packages (3)

Debian/openldapfrom 0, < 2.4.10-3
Debian/openldapfrom 0, < 2.4.10-2+lenny1
Debian/openldap2.3from 0, < 2.3.30-5+etch2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-2952