LDAP: OpenLDAP slapd Search Parsing checkTime Assertion Failure
This signature detects attempts to exploit a known vulnerability against OpenLDAP slapd. A successful attack can result in a denial-of-service condition.
Extended Description
In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.
Affected Products
Debian debian_linux
Short Name
LDAP:OPENLDAP-SLPD-DOS
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
LDAP
Keywords
Assertion CVE-2021-27212 Failure OpenLDAP Parsing Search checkTime slapd
Release Date
08/17/2021
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Openldap
Debian
CVSS Score
5.0