{"id":"USN-2622-1","summary":"openldap vulnerabilities","details":"It was discovered that OpenLDAP incorrectly handled certain search queries\nthat returned empty attributes. A remote attacker could use this issue to\ncause OpenLDAP to assert, resulting in a denial of service. This issue only\naffected Ubuntu 12.04 LTS. (CVE-2012-1164)\n\nMichael Vishchers discovered that OpenLDAP improperly counted references\nwhen the rwm overlay was used. A remote attacker could use this issue to\ncause OpenLDAP to crash, resulting in a denial of service. (CVE-2013-4449)\n\nIt was discovered that OpenLDAP incorrectly handled certain empty attribute\nlists in search requests. A remote attacker could use this issue to cause\nOpenLDAP to crash, resulting in a denial of service. (CVE-2015-1545)\n","modified":"2026-04-22T09:13:10.146338Z","published":"2015-05-26T17:45:13Z","related":["UBUNTU-CVE-2013-4449","UBUNTU-CVE-2015-1545"],"upstream":["CVE-2013-4449","CVE-2015-1545","UBUNTU-CVE-2012-1164","UBUNTU-CVE-2013-4449","UBUNTU-CVE-2015-1545"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-2622-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2012-1164"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2013-4449"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-1545"}],"affected":[{"package":{"name":"openldap","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/openldap@2.4.31-1+nmu2ubuntu8.1?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.31-1+nmu2ubuntu8.1"}]}],"versions":["2.4.31-1+nmu2ubuntu3","2.4.31-1+nmu2ubuntu4","2.4.31-1+nmu2ubuntu5","2.4.31-1+nmu2ubuntu8"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"ldap-utils","binary_version":"2.4.31-1+nmu2ubuntu8.1"},{"binary_name":"libldap-2.4-2","binary_version":"2.4.31-1+nmu2ubuntu8.1"},{"binary_name":"slapd","binary_version":"2.4.31-1+nmu2ubuntu8.1"},{"binary_name":"slapd-smbk5pwd","binary_version":"2.4.31-1+nmu2ubuntu8.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-2622-1.json","cves_map":{"ecosystem":"Ubuntu:14.04:LTS","cves":[{"severity":[{"type":"Ubuntu","score":"low"}],"id":"CVE-2013-4449"},{"severity":[{"type":"Ubuntu","score":"low"}],"id":"CVE-2015-1545"}]}}}],"schema_version":"1.7.5"}