First published: Tue Apr 28 2020(Updated: )
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).
Credit: CVE-2020-12243 cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Apple macOS Catalina | <10.15.6 | 10.15.6 |
Apple Mojave | ||
Apple High Sierra | ||
debian/openldap | 2.4.47+dfsg-3+deb10u7 2.4.57+dfsg-3+deb11u1 2.5.13+dfsg-5 | |
ubuntu/openldap | <2.4.50 | 2.4.50 |
ubuntu/openldap | <2.4.45+dfsg-1ubuntu1.5 | 2.4.45+dfsg-1ubuntu1.5 |
ubuntu/openldap | <2.4.48+dfsg-1ubuntu1.1 | 2.4.48+dfsg-1ubuntu1.1 |
ubuntu/openldap | <2.4.49+dfsg-2ubuntu1.2 | 2.4.49+dfsg-2ubuntu1.2 |
ubuntu/openldap | <2.4.31-1+ | 2.4.31-1+ |
ubuntu/openldap | <2.4.42+dfsg-2ubuntu3.8 | 2.4.42+dfsg-2ubuntu3.8 |
Openldap Openldap | <2.4.50 | |
Debian Debian Linux | =8.0 | |
Debian Debian Linux | =9.0 | |
Debian Debian Linux | =10.0 | |
openSUSE Leap | =15.1 | |
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =18.04 | |
Canonical Ubuntu Linux | =19.10 | |
Canonical Ubuntu Linux | =20.04 | |
Netapp Cloud Backup | ||
Netapp Steelstore Cloud Integrated Storage | ||
All of | ||
Netapp H410c Firmware | ||
Netapp H410c | ||
All of | ||
Netapp H300s Firmware | ||
Netapp H300s | ||
All of | ||
Netapp H500s Firmware | ||
Netapp H500s | ||
All of | ||
Netapp H700s Firmware | ||
Netapp H700s | ||
All of | ||
Netapp H300e Firmware | ||
Netapp H300e | ||
All of | ||
Netapp H500e Firmware | ||
Netapp H500e | ||
All of | ||
Netapp H700e Firmware | ||
Netapp H700e | ||
All of | ||
Netapp H410s Firmware | ||
Netapp H410s | ||
Broadcom Brocade Fabric Operating System | ||
Apple Mac OS X | >=10.13.0<10.13.6 | |
Apple Mac OS X | >=10.14.0<10.14.6 | |
Apple Mac OS X | >=10.15<10.15.6 | |
Apple Mac OS X | =10.13.6-security_update_2018-002 | |
Apple Mac OS X | =10.13.6-security_update_2018-003 | |
Apple Mac OS X | =10.13.6-security_update_2019-001 | |
Apple Mac OS X | =10.13.6-security_update_2019-002 | |
Apple Mac OS X | =10.13.6-security_update_2019-003 | |
Apple Mac OS X | =10.13.6-security_update_2019-004 | |
Apple Mac OS X | =10.13.6-security_update_2019-005 | |
Apple Mac OS X | =10.13.6-security_update_2019-006 | |
Apple Mac OS X | =10.13.6-security_update_2019-007 | |
Apple Mac OS X | =10.13.6-security_update_2020-001 | |
Apple Mac OS X | =10.13.6-security_update_2020-002 | |
Apple Mac OS X | =10.13.6-security_update_2020-003 | |
Apple Mac OS X | =10.13.6-supplemental_update | |
Apple Mac OS X | =10.14.6-security_update_2019-001 | |
Apple Mac OS X | =10.14.6-security_update_2019-002 | |
Apple Mac OS X | =10.14.6-security_update_2019-004 | |
Apple Mac OS X | =10.14.6-security_update_2019-005 | |
Apple Mac OS X | =10.14.6-security_update_2019-006 | |
Apple Mac OS X | =10.14.6-security_update_2019-007 | |
Apple Mac OS X | =10.14.6-security_update_2020-001 | |
Apple Mac OS X | =10.14.6-security_update_2020-002 | |
Apple Mac OS X | =10.14.6-security_update_2020-003 | |
Apple Mac OS X | =10.14.6-security_update_2020-004 | |
Apple Mac OS X | =10.14.6-security_update_2020-005 | |
Apple Mac OS X | =10.14.6-security_update_2020-006 | |
Apple Mac OS X | =10.14.6-security_update_2020-007 | |
Apple Mac OS X | =10.14.6-security_update_2021-001 | |
Apple Mac OS X | =10.14.6-security_update_2021-002 | |
Apple Mac OS X | =10.14.6-security_update_2021-003 | |
Apple Mac OS X | =10.14.6-supplemental_update | |
Apple Mac OS X | =10.14.6-supplemental_update_2 | |
Oracle ZFS Storage Appliance Kit | =8.8 | |
Oracle Solaris | =10 | |
Oracle Solaris | =11 | |
Netapp H410c Firmware | ||
Netapp H410c | ||
Netapp H300s Firmware | ||
Netapp H300s | ||
Netapp H500s Firmware | ||
Netapp H500s | ||
Netapp H700s Firmware | ||
Netapp H700s | ||
Netapp H300e Firmware | ||
Netapp H300e | ||
Netapp H500e Firmware | ||
Netapp H500e | ||
Netapp H700e Firmware | ||
Netapp H700e | ||
Netapp H410s Firmware | ||
Netapp H410s |
https://git.openldap.org/openldap/openldap/-/commit/98464c11df8247d6a11b52e294ba5dd4f0380440 (2.4)
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
The vulnerability ID is CVE-2020-12243.
The vulnerability affects Apple macOS Catalina, Apple Mojave, and Apple High Sierra.
The severity of CVE-2020-12243 is not specified.
This vulnerability was addressed with improved checks.
More information about this vulnerability can be found at the following link: [CVE-2020-12243](https://support.apple.com/en-us/HT211289)