What is CVE-2015-1545?

CVE-2015-1545 is a vulnerability in Openldap. Published 2015-02-12.

Is CVE-2015-1545 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Openldap

CVE-2015-1545

The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty attribute list in a deref control in a…

EPSS: 0.648 (98.5th percentile) — read the EPSS interpretation.

Affected products

Openldap — versions 2.4.13, 2.4.14, 2.4.15
N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

72519 (vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_CONFIRM)
openldap-cve20151545-dos(100937) (vdb-entry, x_refsource_XF)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_CONFIRM)
DSA-3209 (vendor-advisory, x_refsource_DEBIAN)
APPLE-SA-2015-04-08-2 (vendor-advisory, x_refsource_APPLE)
openSUSE-SU-2015:1325 (vendor-advisory, x_refsource_SUSE)
1032399 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2015-1545?: CVE-2015-1545 is a vulnerability in Openldap. Published 2015-02-12.
Is CVE-2015-1545 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.