The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-06T16:45:14.585Z
Reserved: 2013-06-12T00:00:00
Link: CVE-2013-4449

No data.

Status : Modified
Published: 2014-02-05T18:55:06.317
Modified: 2024-11-21T01:55:35.407
Link: CVE-2013-4449
