MDVSA-2011:055

Package name

openldap

Date

2011-03-30

Advisory ID

MDVSA-2011:055

Affected versions

2009.0 x86_64 , 2009.0 i586 , MES5 i586 , MES5 x86_64

Problem description

Multiple vulnerabilities has been identified and fixed in openldap:

chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24,
when a master-slave configuration with a chain overlay and
ppolicy_forward_updates (aka authentication-failure forwarding) is
used, allows remote authenticated users to bypass external-program
authentication by sending an invalid password to a slave server
(CVE-2011-1024).

modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote
attackers to cause a denial of service (daemon crash) via a relative
Distinguished Name (DN) modification request (aka MODRDN operation)
that contains an empty value for the OldDN field (CVE-2011-1081).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct these issues.

Updated packages

2009.0 x86_64

 ecf971b49682fb6637c335f2790413db  2009.0/x86_64/lib64ldap2.4_2-2.4.11-3.4mdv2009.0.x86_64.rpm
 df29b7188a9b48141288950b00f2d7c9  2009.0/x86_64/lib64ldap2.4_2-devel-2.4.11-3.4mdv2009.0.x86_64.rpm
 fbdfbe6bb56cbe74c4c35a711450ae04  2009.0/x86_64/lib64ldap2.4_2-static-devel-2.4.11-3.4mdv2009.0.x86_64.rpm
 6336cf856ad3fd9cb71e69f89ae621a5  2009.0/x86_64/openldap-2.4.11-3.4mdv2009.0.x86_64.rpm
 08cbb77b99ee361f06650fd04ab954c4  2009.0/x86_64/openldap-clients-2.4.11-3.4mdv2009.0.x86_64.rpm
 9f1bcc61420e107387d20afcbfbda8ca  2009.0/x86_64/openldap-doc-2.4.11-3.4mdv2009.0.x86_64.rpm
 a23b50b362db34c35d7e206147e40d1d  2009.0/x86_64/openldap-servers-2.4.11-3.4mdv2009.0.x86_64.rpm
 0726dd1f6b44f0c215a3c27644e426db  2009.0/x86_64/openldap-testprogs-2.4.11-3.4mdv2009.0.x86_64.rpm
 e66476117347d5c19ac64b6bf3a00484  2009.0/x86_64/openldap-tests-2.4.11-3.4mdv2009.0.x86_64.rpm 
 1b9fa8641f7f41d4dd859e73170d0b34  2009.0/SRPMS/openldap-2.4.11-3.4mdv2009.0.src.rpm

2009.0 i586

 83ccec2a20904df9a0ca143da248d5d9  2009.0/i586/libldap2.4_2-2.4.11-3.4mdv2009.0.i586.rpm
 71b97d10738a74644373e91269eaeed6  2009.0/i586/libldap2.4_2-devel-2.4.11-3.4mdv2009.0.i586.rpm
 9d8ed8fde6288f8883bb1d13344e047a  2009.0/i586/libldap2.4_2-static-devel-2.4.11-3.4mdv2009.0.i586.rpm
 fb3d985950e150a02e8c230a311051c3  2009.0/i586/openldap-2.4.11-3.4mdv2009.0.i586.rpm
 ba4a65282d12a598e1e951080a18565f  2009.0/i586/openldap-clients-2.4.11-3.4mdv2009.0.i586.rpm
 ed18a20fa96960cfc10034c732b56b2c  2009.0/i586/openldap-doc-2.4.11-3.4mdv2009.0.i586.rpm
 e68073473f08adf052cc166ea2f2c8e5  2009.0/i586/openldap-servers-2.4.11-3.4mdv2009.0.i586.rpm
 ff1dcd171670dbb0e84845761baec2d4  2009.0/i586/openldap-testprogs-2.4.11-3.4mdv2009.0.i586.rpm
 7f9e1581e730cc69109db37dd63453ba  2009.0/i586/openldap-tests-2.4.11-3.4mdv2009.0.i586.rpm 
 1b9fa8641f7f41d4dd859e73170d0b34  2009.0/SRPMS/openldap-2.4.11-3.4mdv2009.0.src.rpm

MES5 i586

 21948fd7dce8ce2c4c8fef768cfebda2  mes5/i586/libldap2.4_2-2.4.11-3.4mdvmes5.2.i586.rpm
 7857e09b074a340d74373b90900d7669  mes5/i586/libldap2.4_2-devel-2.4.11-3.4mdvmes5.2.i586.rpm
 9d2e59be28483bcf3acb4ff25089a390  mes5/i586/libldap2.4_2-static-devel-2.4.11-3.4mdvmes5.2.i586.rpm
 2c3d52c077a56fa832d2d4209ad46834  mes5/i586/openldap-2.4.11-3.4mdvmes5.2.i586.rpm
 acc2717ad2b29a7b02ba7f943ef92416  mes5/i586/openldap-clients-2.4.11-3.4mdvmes5.2.i586.rpm
 d3deba0317c9f52ec463928a190dec51  mes5/i586/openldap-doc-2.4.11-3.4mdvmes5.2.i586.rpm
 f4da14b20cccf8a3059bf512ba839fb4  mes5/i586/openldap-servers-2.4.11-3.4mdvmes5.2.i586.rpm
 3c34b1a9af109ee763cb26ee7615e60c  mes5/i586/openldap-testprogs-2.4.11-3.4mdvmes5.2.i586.rpm
 a52cf23420f23ed3d3ac84abe446ae92  mes5/i586/openldap-tests-2.4.11-3.4mdvmes5.2.i586.rpm 
 b9bced393f520051e28a489c6d8ff9ab  mes5/SRPMS/openldap-2.4.11-3.4mdvmes5.2.src.rpm

MES5 x86_64

 aa04b9b7aa03aab2ec36bf7027339ea6  mes5/x86_64/lib64ldap2.4_2-2.4.11-3.4mdvmes5.2.x86_64.rpm
 7ef3c991e2bc597b527af6b1f4fbbe45  mes5/x86_64/lib64ldap2.4_2-devel-2.4.11-3.4mdvmes5.2.x86_64.rpm
 978ea5eed1b8957f352503e1d1036f37  mes5/x86_64/lib64ldap2.4_2-static-devel-2.4.11-3.4mdvmes5.2.x86_64.rpm
 2805cdd7f4b21269cbb7867492022743  mes5/x86_64/openldap-2.4.11-3.4mdvmes5.2.x86_64.rpm
 fd58b85bd63050c9e92947cda1e9c7ca  mes5/x86_64/openldap-clients-2.4.11-3.4mdvmes5.2.x86_64.rpm
 f4f917d985b61cf253ef64d5b488ae55  mes5/x86_64/openldap-doc-2.4.11-3.4mdvmes5.2.x86_64.rpm
 6717e80f594124b5a453f34945cf626b  mes5/x86_64/openldap-servers-2.4.11-3.4mdvmes5.2.x86_64.rpm
 a4533095a840c1dcb204f980555f885a  mes5/x86_64/openldap-testprogs-2.4.11-3.4mdvmes5.2.x86_64.rpm
 abb0169c24cee8546bfa9e59d3e602e7  mes5/x86_64/openldap-tests-2.4.11-3.4mdvmes5.2.x86_64.rpm 
 b9bced393f520051e28a489c6d8ff9ab  mes5/SRPMS/openldap-2.4.11-3.4mdvmes5.2.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1081
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1024