Conectiva Local Security Checks : Conectiva Security Advisory CLA-2003:685

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.51433

Kategorie: Conectiva Local Security Checks

Titel: Conectiva Security Advisory CLA-2003:685

Zusammenfassung: NOSUMMARY

Beschreibung: Description:

The remote host is missing updates announced in
advisory CLA-2003:685.

OpenLDAP[1] is an LDAPv2 and LDAPv3 server available for several
platforms.

This update addresses the following issues in the OpenLDAP package
shipped with Conectiva Linux 9:

1) Denial of Service vulnerability[2]
A failed password extended operation (password EXOP) can cause
openldap to, if using the back-ldbm backend, attempt to free memory
which was never allocated, resulting in a segfault. The back-bdb
backend, on the other hand, has a memory leak in the same code. Both
conditions can be triggered remotely.

2) Crypt and md5 hash support[3]
The OpenLDAP packages shipped with Conectiva Linux 9 do not have
support for crypt and md5 password hashes. As a result, users
migrated to LDAP from system password files will not be able to
authenticate against the directory using simple binds.

3) One shot replication mode does not work[4]
The slurpd program shipped with OpenLDAP is responsible for
replicating data from a master OpenLDAP server to slave servers. It
has a replication mode called one shot which takes a replication
log file and attempts to replicate all changes to the specified
slaves and then exits. This mode was not working in openldap-2.1.16,
which is the version originally shipped with Conectiva Linux 9.

This announcement updates OpenLDAP for Conectiva Linux 9 to version
2.1.21, which, besides containing the fixes above and several others,
also includes many other improvements in indexes and performance.

Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:685
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003

Risk factor : High

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.51433
Kategorie:	Conectiva Local Security Checks
Titel:	Conectiva Security Advisory CLA-2003:685
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory CLA-2003:685. OpenLDAP[1] is an LDAPv2 and LDAPv3 server available for several platforms. This update addresses the following issues in the OpenLDAP package shipped with Conectiva Linux 9: 1) Denial of Service vulnerability[2] A failed password extended operation (password EXOP) can cause openldap to, if using the back-ldbm backend, attempt to free memory which was never allocated, resulting in a segfault. The back-bdb backend, on the other hand, has a memory leak in the same code. Both conditions can be triggered remotely. 2) Crypt and md5 hash support[3] The OpenLDAP packages shipped with Conectiva Linux 9 do not have support for crypt and md5 password hashes. As a result, users migrated to LDAP from system password files will not be able to authenticate against the directory using simple binds. 3) One shot replication mode does not work[4] The slurpd program shipped with OpenLDAP is responsible for replicating data from a master OpenLDAP server to slave servers. It has a replication mode called one shot which takes a replication log file and attempts to replicate all changes to the specified slaves and then exits. This mode was not working in openldap-2.1.16, which is the version originally shipped with Conectiva Linux 9. This announcement updates OpenLDAP for Conectiva Linux 9 to version 2.1.21, which, besides containing the fixes above and several others, also includes many other improvements in indexes and performance. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:685 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003 Risk factor : High
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com