CVE-2015-6908. Passing a crafted packet to the function ber_get_next(),
an attacker may cause a remote denial of service, crashing the OpenLDAP server (bsc#945582).
Affected Packages(14 packages)
libldap-2_4-2
SUSE Linux Enterprise Desktop 11 SP3SUSE Linux Enterprise Desktop 11 SP4SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4
Fixed in:
2.4.26-0.62.2
libldap-2_4-2-32bit
SUSE Linux Enterprise Desktop 11 SP3SUSE Linux Enterprise Desktop 11 SP4SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4
Fixed in:
2.4.26-0.62.2
openldap2-client
SUSE Linux Enterprise Desktop 11 SP3SUSE Linux Enterprise Desktop 11 SP4SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4
Fixed in:
2.4.26-0.62.2
compat-libldap-2_3-0
SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP3SUSE Linux Enterprise Server for SAP Applications 11 SP4
Fixed in:
2.3.37-2.62.2
libldap-2_4-2-x86
SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP3SUSE Linux Enterprise Server for SAP Applications 11 SP4
Fixed in:
2.4.26-0.62.2
openldap2
SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP3SUSE Linux Enterprise Server for SAP Applications 11 SP4
Fixed in:
2.4.26-0.62.2
openldap2-back-meta
SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP3SUSE Linux Enterprise Server for SAP Applications 11 SP4