CVE-2021-27212
Description
In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
22.237
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Lightweight Directory Access Protocol (USN-4744-1) slapd_2.4.49+dfsg-2ubuntu1.7_i386.deb | Linux |
| Lightweight Directory Access Protocol (USN-4744-1) slapd_2.4.49+dfsg-2ubuntu1.7_amd64.deb | Linux |
| Lightweight Directory Access Protocol (USN-4744-1) slapd_2.4.53+dfsg-1ubuntu1.4_i386.deb | Linux |
| Lightweight Directory Access Protocol (USN-4744-1) slapd_2.4.53+dfsg-1ubuntu1.4_amd64.deb | Linux |
| Lightweight Directory Access Protocol (USN-4744-1) slapd_2.4.42+dfsg-2ubuntu3.13_i386.deb | Linux |
| Lightweight Directory Access Protocol (USN-4744-1) slapd_2.4.42+dfsg-2ubuntu3.13_amd64.deb | Linux |
| Lightweight Directory Access Protocol (USN-4744-1) slapd_2.4.45+dfsg-1ubuntu1.10_i386.deb | Linux |
| Lightweight Directory Access Protocol (USN-4744-1) slapd_2.4.45+dfsg-1ubuntu1.10_amd64.deb | Linux |
| Reachable Assertion Vulnerability (CVE-2021-27212) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234