Debian Security Advisory 1541-1 - Several remote vulnerabilities have been discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol.
69fcb84d4bc7e2013a90dd93eeb88420c908914cb89a94ea8e2e1fb1bcf462e0Gentoo Linux Security Advisory GLSA 200803-28 - Multiple Denial of Service vulnerabilities have been reported in OpenLDAP. Versions less than 2.3.41 are affected.
85b91bcb45f1cd510aeb6e46da094276b25371a737249e54827ae095cb5563b8Mandriva Linux Security Advisory - A vulnerability was found in slapo-pcache in slapd of OpenLDAP prior to 2.3.39 when running as a proxy-caching server. It would allocate memory using a malloc variant rather than calloc, which prevented an array from being properly initialized and could possibly allow attackers to cause a denial of service. Two vulnerabilities were found in how slapd handled modify (prior to 2.3.26) and modrdn (prior to 2.3.29) requests with NOOP control on objects stored in the BDB backend. An authenticated user with permission to perform modify or modrdn operations could cause slapd to crash.
e1dd55f35e35b48f7bfc6c5d283befa889c1a4ab1ae5d0dfa300f4c283fd33eeUbuntu Security Notice 551-1 - Thomas Sesselmann discovered that the OpenLDAP slapd server did not properly handle certain modify requests. A remote attacker could send malicious modify requests to the server and cause a denial of service. Toby Blake discovered that slapd did not properly terminate an array while running as a proxy-caching server. A remote attacker may be able to send crafted search requests to the server and cause a denial of service. This issue only affects Ubuntu 7.04 and 7.10.
d77193488d3e81250b1087fc995f46a172b56f6fe7501029020c1bff97cc061c
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed