我們使用 cookie 來幫助我們改善網頁體驗。請閱讀我們的 Cookie 政策

AS-2022-012: OpenLDAP

2022-08-29

Severity

Important

Status

Resolved


Statement

The OpenLDAP project announced multiple vulnerabilities that have been fixed in the latest release of OpenLDAP.

CVE-2022-29155 and other issues affected ASUSTOR products with ADM 4.1 and ADM 4.0.

  • OpenLDAP 2.6.2 has been updated on ADM 4.1.0.RKM1 and ADM 4.0.5.RWM1 to resolve the issue.

Affected Products

Product Severity Fixed Release Availability
ADM 4.1 Important Upgrade to 4.1.0.RKM1 or above.
ADM 4.0 Important Upgrade to 4.0.5.RWM1 or above.

Detail

  • CVE-2022-29155
    • Severity: Critical
    • In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping.
  • CVE-2020-36221
    • Severity: High
    • An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).
  • CVE-2020-36222
    • Severity: High
    • A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.
  • CVE-2020-36223
    • Severity: High
    • A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).
  • CVE-2020-36224
    • Severity: High
    • A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.
  • CVE-2020-36225
    • Severity: High
    • A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.
  • CVE-2020-36226
    • Severity: High
    • A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.
  • CVE-2020-36227
    • Severity: High
    • A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.
  • CVE-2020-36228
    • Severity: High
    • An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.
  • CVE-2020-36229
    • Severity: High
    • A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.
  • CVE-2020-36230
    • Severity: High
    • A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.
  • CVE-2020-25710
    • Severity: High
    • A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.
  • CVE-2020-25709
    • Severity: High
    • A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP's slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.
  • CVE-2020-25692
    • Severity: High
    • A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.

Reference


Revision

Revision Date Description
1 2022-08-10 Initial public release.
2 2022-08-29 Release ADM 4.1.0.RKM1 and ADM 4.0.5.RWM1 to update OpenLDAP version for fixing the issue.