CVE-2006-5779

Publication date 7 November 2006

Last updated 17 July 2025

Ubuntu priority

Medium

Why this priority?

Cvss 3 Severity Score

7.5 · High

Score breakdown

Description

OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure.

Status

Package Ubuntu Release Status
openldap2.2 7.04 feisty Not in release
6.10 edgy
Fixed 2.2.26-5ubuntu3.1
6.06 LTS dapper
Fixed 2.2.26-5ubuntu2.2
openldap2.3 7.04 feisty
Fixed 2.3.30-2
6.10 edgy Not in release
6.06 LTS dapper Not in release

Severity score breakdown

CVSS version: CVSS v3.0

Base score 7.5 · High

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

Related Ubuntu Security Notices (USN)

    • USN-384-1
    • OpenLDAP vulnerability
    • 21 November 2006

Other references

Access our resources on patching vulnerabilities