Support / Sécurité / Annonces de sécurité / Corporate Server 1.0.1 / MDKSA-2001:069

Nom du paquet: openldap
Date: 2001-08-13
Advisory ID: MDKSA-2001:069
Affected versions: 8.0 i586 , SNF7.2 i586 , 7.2 i586 , 7.1 i586 , CS1.0 i586

Problem description

CERT released an advisory that details a number of vulnerabilities as found in a variety of different LDAP implementations. The results of these tests showed one vulnerability in OpenLDAP with slapd not handling packets with certain invalid fields. A malicious attacker could craft such invalid packets, resulting in a denial of service attack on the affected server.

Updated packages

8.0 i586

 eb3e60b1947fabf7d44981187c0306a4  8.0/RPMS/libldap1-1.2.12-1.1mdk.i586.rpm
629c75aa532e9730517752d2e964045f  8.0/RPMS/libldap1-devel-1.2.12-1.1mdk.i586.rpm
835611f3f7c11488037f45c3322a2fe7  8.0/RPMS/libldap2-2.0.11-6.1mdk.i586.rpm
c3cdd9533bc8fd3f1a223ae7081771e0  8.0/RPMS/libldap2-devel-2.0.11-6.1mdk.i586.rpm
d3e9a8f80f6016d64c29518c8013cb4d  8.0/RPMS/libldap2-devel-static-2.0.11-6.1mdk.i586.rpm
d4aed1a2a958f6d3448a848c69e5efba  8.0/RPMS/openldap-2.0.11-6.1mdk.i586.rpm
71bba1cc342d2f3516571a020161a847  8.0/RPMS/openldap-back_dnssrv-2.0.11-6.1mdk.i586.rpm
a1b4012315a3ce88c27c6c640dfbd77e  8.0/RPMS/openldap-back_ldap-2.0.11-6.1mdk.i586.rpm
f7c2b20461101cc5c78045bc39c52eb2  8.0/RPMS/openldap-back_passwd-2.0.11-6.1mdk.i586.rpm
3bb8dd5668e9ee025e28ad1ea4c9f622  8.0/RPMS/openldap-back_sql-2.0.11-6.1mdk.i586.rpm
d61de43692601ac183564fc4a46a21cf  8.0/RPMS/openldap-clients-2.0.11-6.1mdk.i586.rpm
a6cf2c2451d799372787bb7392065068  8.0/RPMS/openldap-guide-2.0.11-6.1mdk.i586.rpm
9b5cbeefbbf68d8f6b3143c7bc30a72c  8.0/RPMS/openldap-migration-2.0.11-6.1mdk.i586.rpm
89e6f11113a37ad0a2b11f0e2c2ea867  8.0/RPMS/openldap-servers-2.0.11-6.1mdk.i586.rpm
84ee41801fb25caa1cd4fa69cf4b7e39  8.0/RPMS/openldap1-1.2.12-1.1mdk.i586.rpm
b863f396fb81de5d2860102dd1b2a3e8  8.0/SRPMS/openldap-2.0.11-6.1mdk.src.rpm
a31898bb56c36fc726e1810985768fef  8.0/SRPMS/openldap1-1.2.12-1.1mdk.src.rpm

SNF7.2 i586

 cd28b5c07f05e6b20533116ae3e2c29b  snf7.2/RPMS/openldap-1.2.12-1.2mdk.i586.rpm
de5469cb8470152ddedbeffeb1466def  snf7.2/SRPMS/openldap-1.2.12-1.2mdk.src.rpm

7.2 i586

 cd28b5c07f05e6b20533116ae3e2c29b  7.2/RPMS/openldap-1.2.12-1.2mdk.i586.rpm
7d86a8d344d46920491f811538292226  7.2/RPMS/openldap-devel-1.2.12-1.2mdk.i586.rpm
de5469cb8470152ddedbeffeb1466def  7.2/SRPMS/openldap-1.2.12-1.2mdk.src.rpm

7.1 i586

 f85b74a6f81850178e99de059ce7ac51  7.1/RPMS/openldap-1.2.12-1.3mdk.i586.rpm
5cd4401a3ce81f7e45de3d8b80404c58  7.1/RPMS/openldap-devel-1.2.12-1.3mdk.i586.rpm
939b04ecb65daf2c5280e5a5ddc14365  7.1/SRPMS/openldap-1.2.12-1.3mdk.src.rpm

CS1.0 i586

 f85b74a6f81850178e99de059ce7ac51  1.0.1/RPMS/openldap-1.2.12-1.3mdk.i586.rpm
5cd4401a3ce81f7e45de3d8b80404c58  1.0.1/RPMS/openldap-devel-1.2.12-1.3mdk.i586.rpm
939b04ecb65daf2c5280e5a5ddc14365  1.0.1/SRPMS/openldap-1.2.12-1.3mdk.src.rpm

References

http://www.cert.org/advisories/CA-2001-18