Uninitialized Pointer Vulnerability in OpenLDAP 2.1.12 and Earlier

Uninitialized Pointer Vulnerability in OpenLDAP 2.1.12 and Earlier

CVE-2003-1201 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when the slap_passwd_parse function does not return LDAP_SUCCESS, attempts to free an uninitialized pointer, which allows remote attackers to cause a denial of service (segmentation fault).

Learn more about our Web Application Penetration Testing UK.