Debian Security Advisory 3356-1

Debian Security Advisory 3356-1: Posted Sep 15, 2015; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3356-1 - Denis Andzakovic discovered that OpenLDAP, a free implementation of the Lightweight Directory Access Protocol, does not properly handle BER data. An unauthenticated remote attacker can use this flaw to cause a denial of service (slapd daemon crash) via a specially crafted packet.; tags | advisory, remote, denial of service, protocol; systems | linux, debian; advisories | CVE-2015-6908; SHA-256 | 6ea26f64cefbfb2556a3754993d105f8cd15fe3aedccdcdf9a191f239a95031f; Download | Favorite | View

Debian Security Advisory 3356-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3356-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
September 12, 2015                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openldap
CVE ID         : CVE-2015-6908
Debian Bug     : 798622

Denis Andzakovic discovered that OpenLDAP, a free implementation of the
Lightweight Directory Access Protocol, does not properly handle BER
data. An unauthenticated remote attacker can use this flaw to cause a
denial of service (slapd daemon crash) via a specially crafted packet.

For the oldstable distribution (wheezy), this problem has been fixed
in version 2.4.31-2+deb7u1.

For the stable distribution (jessie), this problem has been fixed in
version 2.4.40+dfsg-1+deb8u1.

For the unstable distribution (sid), this problem has been fixed in
version 2.4.42+dfsg-2.

We recommend that you upgrade your openldap packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJV87FJAAoJEAVMuPMTQ89EQg0P/3PLqJ6BGTe82TdHFblTXOo5
7Un/Wyn/vlpZmxvvyK2V0aUyaxHMxJF4epkkxYuw1aezkLTL0N4TJD340BKg07yL
shEPGarzr8Uz09vtiXwGkVbdN9Vy3O+EnAsUeWri5msi7gvi16p7lWKRE+sFlJUB
Tc4tMP4DtT60gTh+nhnEPPzqZ1fN8/Q2hjfMo4OypZJiMShRyA+/8a5BO9MtRFt5
MlM8j7N6WWujevvaQruYvZMlRhiX3y1Nj6Qs4tI1K516LwvWKxSB6E/i0DvRlXng
AK3XcG63XpEk5Xvyn0r2IqQ2BPHguKpyZBknP0t6WZuVSDKBnDPWkyn6IFd5mIbi
v7ASefpqdMeoyMbO9geLDnjA4QLwzf+D/FHHFaiS6RvRCecYQpQ+zFKaElAK80Af
fnsc69cwkwP3QGgke0yZNwFAlGNjnYpZA/kbkuajWhvDJ7ORzcUCDeJl/aM8Ewd6
hONkpCBt9ZkEP2NXiO8nh2OUnxob6apFrdRizrXg0z+FWcjFLjWzzZDfQ61Bc9P3
kW0LpedsteYv+ALhLG/vmrXhNQu6vX/alPiIsyaKXvENb3VMxMqpweEhuvLRNpKl
uTeKN+c1p+tT1jFfTe97UspRPnkmUqHuvBAPjifFr5ul7JSXzpo/gm3n1C3xXRuW
JzjOveySpH1hwGsrmXSR
=kj8y
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 223 files
Ubuntu 57 files
LiquidWorm 23 files
Debian 19 files
indoushka 15 files
Apple 9 files
Google Security Research 5 files
Gentoo 5 files
Chokri Hammedi 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,158)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,830)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,245)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,969)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

Debian Security Advisory 3356-1

Debian Security Advisory 3356-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 3356-1

Share This

Debian Security Advisory 3356-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems