CVE-2017-17740
CVE Details
Visit the official vulnerability details page for CVE-2017-17740 to learn more.
Initial Publication
01/20/2025
Last Update
09/02/2025
Third Party Dependency
libldap-2.5-0
NIST CVE Summary
contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.
CVE Severity
Our Official Summary
This is a high-severity vulnerability in OpenLDAP versions up to 2.4.45. It arises when both the nops module and the memberof overlay are enabled. In this configuration, the nops module attempts to free a buffer that was allocated on the stack, leading to a stack-based buffer overflow. This flaw allows remote attackers to cause a denial of service (DoS) by crashing the slapd daemon through a crafted MODDN (Modify Distinguished Name) operation.
Risk of exploitation is low for our products as attacker has to gain privilged access to the container and run code on the container to be able to exploit this. Probability of exploitation is very low. If a fix becomes available upstream, that will be adopted to fix this vulnerability.
Status
Ongoing
Affected Products & Versions
| Version | Palette Enterprise | Palette Enterprise Airgap | VerteX | VerteX Airgap |
|---|---|---|---|---|
| 4.7.16 | ⚠️ Impacted | ✅ No Impact | ⚠️ Impacted | ✅ No Impact |
| 4.6.41 | ⚠️ Impacted | ✅ No Impact | ⚠️ Impacted | ✅ No Impact |
| 4.5.22 | ⚠️ Impacted | ✅ No Impact | ⚠️ Impacted | ✅ No Impact |
Revision History
| Date | Revision |
|---|---|
| 05/29/2025 | Status changed from Open to Ongoing |
| 05/29/2025 | Official summary added |