CVE-2010-0212 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2010-0212 Interim 1 15 2023-12-09T01:59:47Z current 2021-05-30T12:50:11Z 2023-12-09T01:59:47Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2010-0212 OpenLDAP 2.4.22 allows remote attackers to cause a denial of service (crash) via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4IE7I5U4VU7ZSJNN3DHYMM3JYGTV67J6/#4IE7I5U4VU7ZSJNN3DHYMM3JYGTV67J6 E-Mail link for SUSE-SR:2010:014 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FSXFHANA6PYQY7T3E6HMSFOOW3UB6V2I/#FSXFHANA6PYQY7T3E6HMSFOOW3UB6V2I E-Mail link for SUSE-SR:2010:016 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 libldap-2_4-2-2.4.12-7.19.1 libldap-2_4-2-2.4.20-0.5.1 libldap-2_4-2-32bit-2.4.12-7.19.1 libldap-2_4-2-32bit-2.4.20-0.5.1 libldap-2_4-2-x86-2.4.12-7.19.1 openldap2-2.4.12-7.19.1 openldap2-2.4.20-0.5.1 openldap2-back-meta-2.4.12-7.19.1 openldap2-back-meta-2.4.20-0.5.1 openldap2-client-2.4.12-7.19.1 openldap2-client-2.4.20-0.5.1 libldap-2_4-2-2.4.12-7.19.1 as a component of SUSE Linux Enterprise Server 11 libldap-2_4-2-32bit-2.4.12-7.19.1 as a component of SUSE Linux Enterprise Server 11 libldap-2_4-2-x86-2.4.12-7.19.1 as a component of SUSE Linux Enterprise Server 11 openldap2-2.4.12-7.19.1 as a component of SUSE Linux Enterprise Server 11 openldap2-back-meta-2.4.12-7.19.1 as a component of SUSE Linux Enterprise Server 11 openldap2-client-2.4.12-7.19.1 as a component of SUSE Linux Enterprise Server 11 libldap-2_4-2-2.4.20-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA libldap-2_4-2-32bit-2.4.20-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA openldap2-2.4.20-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA openldap2-back-meta-2.4.20-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA openldap2-client-2.4.20-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA libldap-2_4-2-2.4.12-7.19.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libldap-2_4-2-32bit-2.4.12-7.19.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 libldap-2_4-2-x86-2.4.12-7.19.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 openldap2-2.4.12-7.19.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 openldap2-back-meta-2.4.12-7.19.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 openldap2-client-2.4.12-7.19.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 OpenLDAP 2.4.22 allows remote attackers to cause a denial of service (crash) via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite. CVE-2010-0212 SUSE Linux Enterprise Server 11:libldap-2_4-2-2.4.12-7.19.1 SUSE Linux Enterprise Server 11:libldap-2_4-2-32bit-2.4.12-7.19.1 SUSE Linux Enterprise Server 11:libldap-2_4-2-x86-2.4.12-7.19.1 SUSE Linux Enterprise Server 11:openldap2-2.4.12-7.19.1 SUSE Linux Enterprise Server 11:openldap2-back-meta-2.4.12-7.19.1 SUSE Linux Enterprise Server 11:openldap2-client-2.4.12-7.19.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:libldap-2_4-2-2.4.20-0.5.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:libldap-2_4-2-32bit-2.4.20-0.5.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:openldap2-2.4.20-0.5.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:openldap2-back-meta-2.4.20-0.5.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:openldap2-client-2.4.20-0.5.1 SUSE Linux Enterprise Server for SAP Applications 11:libldap-2_4-2-2.4.12-7.19.1 SUSE Linux Enterprise Server for SAP Applications 11:libldap-2_4-2-32bit-2.4.12-7.19.1 SUSE Linux Enterprise Server for SAP Applications 11:libldap-2_4-2-x86-2.4.12-7.19.1 SUSE Linux Enterprise Server for SAP Applications 11:openldap2-2.4.12-7.19.1 SUSE Linux Enterprise Server for SAP Applications 11:openldap2-back-meta-2.4.12-7.19.1 SUSE Linux Enterprise Server for SAP Applications 11:openldap2-client-2.4.12-7.19.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P