CVE-2015-6908 in Mac OS X
摘要 (英语)
The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
预定
2015-09-11
披露
2015-09-11
状态
已确认
条目
VulDB provides additional information and datapoints for this CVE:
| 标识符 | 漏洞 | CWE | 可利用 | 对策 | CVE |
|---|---|---|---|---|---|
| 79581 | Apple Mac OS X OpenLDAP 权限提升 | 20 | 概念验证 | 官方修复 | CVE-2015-6908 |
| 77678 | OpenLDAP io.c ber_get_next 权限提升 | 20 | 概念验证 | 官方修复 | CVE-2015-6908 |