CVE-2002-1378

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
02/01/2003
Last modified:
03/04/2025

Description

Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3) a malicious ldaptemplates.conf that causes an overflow in libldap, (4) a certain access control list that causes an overflow in slapd, or (5) a long generated filename for logging rejected replication requests.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:openldap:openldap:*:*:*:*:*:*:*:* 2.2.0 (including)