Package name
openldap
Date
2000-07-27
Advisory ID
MDKSA-2000:024
Affected versions
6.1 i586 , 6.0 i586 , 7.0 i586 , 7.1 i586

Problem description

OpenLDAP installs the ud binary with mode 755 and the default group, taken from the installing user's primary gid or the gid of the directory itself. Depending on the gid used, this can cause the file to be group-writable for an extended group. We have determined that Linux-Mandrake is not vulnerable to this exploit.

Updated packages

6.1 i586

 na 6.1/RPMS/na

6.0 i586

 na 6.0/RPMS/na

7.0 i586

 na 7.0/RPMS/na

7.1 i586

 na 7.1/RPMS/na