N/A

slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command, as demonstrated by openldap-initscript.

N/A

N/A

OpenLDAP 安全漏洞

OpenLDAP是美国OpenLDAP基金会的一个轻型目录访问协议（LDAP）的自由和开源实现，它已被包含在Linux发行版中。 OpenLDAP 2.4.45及之前的版本中的slapd存在安全漏洞，该漏洞源于程序移除权限后，创建了PID文件。本地攻击者可利用该漏洞终止任意进程。

N/A

N/A