CVE-2017-9287

medium

Trellix

CVSS v3 Base Score

6.5

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Score

26.5%

Exploitation probability in 30 days

Top 4% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Confidentiality

None

Integrity

None

Availability

High

Published: May 29, 2017 (3271 days ago)

Last Modified: May 13, 2026

Vendor: Trellix

Source: NVD

Description

servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0.

CWE

CWE-415

Affected Products

openldap openldapdebian debian linuxredhat enterprise linux desktopredhat enterprise linux eusredhat enterprise linux serverredhat enterprise linux server ausredhat enterprise linux server tusredhat enterprise linux workstationmcafee policy auditororacle blockchain platform

References

🔗 www.debian.org 🔗 www.openldap.org 🔗 www.securityfocus.com 🔗 www.securitytracker.com 🔗 access.redhat.com

CVE-2017-9287

Vulnerability Report

Description

CWE

Affected Products

References