Heap-based buffer overflow in OpenLDAP's UTF8StringNormalize function allows for denial of service (slapd crash) via zero-length string input
CVE-2011-4079 · MEDIUM Severity
AV:N/AC:L/AU:S/C:N/I:N/A:P
Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-based buffer overflow, as demonstrated using an empty postalAddressAttribute value in an LDIF entry.
Learn more about our Web Application Penetration Testing UK.