[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: About Buffer Overflows

To: openldap-software@OpenLDAP.org
Subject: Re: About Buffer Overflows
From: ZhangPu <zhang@fjh.fujitsu.com>
Date: Tue, 22 Feb 2005 08:56:25 +0900

Hello

I sent the mail below for question of buffer overflow, but no any 
responses. Would you please give me an answer?

By the way, does anybody know this? If you know, would you give me 
suggestion please.

Thanks
Pu

> Hello Kurt
> 
> From http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1378 
> I've read, 
> -------------
> Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and 
> earlier allow remote attackers to execute arbitrary code 
> -------------
> 
> But I cannot find the related information from OpenLDAP release 
> changelog and the mailing list. 
> 
> So I want to ask, 
> Which release has the detected buffer overflow bug?
> What have you corrected? 
> Is 2.1.19 safe? (If it is not, what's the problem of buffer 
> overflow it has?)
> 
> Hope you can give me suggestion.

Follow-Ups:
- Re: About Buffer Overflows
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

Prev by Date: RE: 2.2.23 vs 2.3.1alpha speed compairisons
Next by Date: Re: About Buffer Overflows
Index(es):
- Chronological
- Thread