CVE-2006-6493

OpenLDAP <2.4.3 - RCE

Title source: llm

Description

Buffer overflow in the krbv4_ldap_auth function in servers/slapd/kerberos.c in OpenLDAP 2.4.3 and earlier, when OpenLDAP is compiled with the --enable-kbind (Kerberos KBIND) option, allows remote attackers to execute arbitrary code via an LDAP bind request using the LDAP_AUTH_KRBV41 authentication method and long credential data.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Solar Eclipse · cremotelinux

https://www.exploit-db.com/exploits/2933

View Code ZIP pw:eip

References (5)

[Exploit, Vendor Advisory] http://www.securityfocus.com/archive/1/454181/30/0/threaded

[Third Party Advisory] http://securityreason.com/securityalert/2023

[Exploit] http://www.phreedom.org/solar/exploits/openldap-kbind

[Third Party Advisory] http://secunia.com/advisories/23334

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/4964

Scores

EPSS 0.0843

EPSS Percentile 92.3%

Details

Status published

Products (50)

openldap/openldap 1.0

openldap/openldap 1.0.1

openldap/openldap 1.0.2

openldap/openldap 1.0.3

openldap/openldap 1.1

openldap/openldap 1.1.0

openldap/openldap 1.1.1

openldap/openldap 1.1.2

openldap/openldap 1.1.3

openldap/openldap 1.1.4

... and 40 more

Published Dec 13, 2006

Tracked Since Feb 18, 2026