What is CVE-2008-2952?

CVE-2008-2952 is a vulnerability in N/a. Published 2008-07-01.

Is CVE-2008-2952 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2008-2952

liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams that trigger an assertion error.

EPSS: 0.553 (98.1th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

RHSA-2008:0583 (x_refsource_REDHAT, vendor-advisory)
GLSA-200808-09 (vendor-advisory, x_refsource_GENTOO)
31364 (x_refsource_SECUNIA, third-party-advisory)
oval:org.mitre.oval:def:10662 (x_refsource_OVAL, signature, vdb-entry)
30917 (x_refsource_SECUNIA, third-party-advisory)
APPLE-SA-2008-07-31 (vendor-advisory, x_refsource_APPLE)
openldap-bergetnext-dos(43515) (vdb-entry, x_refsource_XF)
www.openldap.org/its/index.cgi/Software Bugs (x_refsource_CONFIRM)
DSA-1650 (vendor-advisory, x_refsource_DEBIAN)
30013 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2008-2952?: CVE-2008-2952 is a vulnerability in N/a. Published 2008-07-01.
Is CVE-2008-2952 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.