Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2010-0211

EPSS 42.63% · P97
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2010-0211

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
OpenLDAP modrdn请求内存破坏漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
OpenLDAP是美国OpenLDAP基金会的一个轻型目录访问协议(LDAP)的自由和开源实现,它已被包含在Linux发行版中。 OpenLDAP的servers/slapd/modrdn.c文件中的slap_modrdn2mods()函数没有检查smr_normalize()的返回值,远程攻击者可以通过发送包含有特制rdn字符串的modrdn请求释放未初始化的指针,导致内存破坏。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2010-0211

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2010-0211

登录查看更多情报信息。

Same Patch Batch · n/a · 2010-07-27 · 27 CVEs total

CVE-2009-4962Adammo Fat Player栈缓冲区溢出漏洞
CVE-2009-4974Sweetphp TotalCalendar 'box_display.php'目录遍历漏洞
CVE-2009-4973Sweetphp TotalCalendar 'rss.php'SQL注入漏洞
CVE-2009-4972SimpleID 'index.php'跨站脚本攻击漏洞
CVE-2009-4971TYPO3 AJAX Chat扩展件未明SQL注入漏洞
CVE-2009-4970TYPO3 t3m_affiliate扩展件未明SQL注入漏洞
CVE-2009-4969TYPO3 Solidbase Bannermanagement扩展件未明SQL注入漏洞
CVE-2009-4968TYPO3 Event Registration扩展件未明SQL注入漏洞
CVE-2009-4967TYPO3 Car扩展件未明SQL注入漏洞
CVE-2009-4966TYPO3 AST ZipCodeSearch扩展件未明SQL注入漏洞
CVE-2009-4965TYPO3 AIRware Lexicon跨站件SQL注入漏洞
CVE-2009-4964Ksplayer KSP 2006 FINAL栈缓冲区溢出漏洞
CVE-2009-4963TYPO3 Commerce扩展件跨站脚本攻击漏洞
CVE-2010-0212OpenLDAP modrdn请求空指针引用漏洞
CVE-2009-4961Lanai Core默认配置信息泄露漏洞
CVE-2009-4960Lanai Core 'modules/backup/download.php'目录遍历漏洞
CVE-2009-4959TYPO3 TT3M E-Mail Marketing工具扩展件SQL注入漏洞
CVE-2009-4958EMO Breader Manager 'video.php'SQL注入漏洞
CVE-2010-2704HP OpenView网络节点管理器ov.dll库远程溢出漏洞
CVE-2010-2703HP OpenView网络节点管理器ov.dll库execvp_nc函数远程栈溢出漏洞

Showing top 20 of 27 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2010-0211

No comments yet

Leave a comment