Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2003:006 (openldap)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.50670

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2003:006 (openldap)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to openldap
announced via advisory MDKSA-2003:006.

A review was completed by the SuSE Security Team on the OpenLDAP
server software, and this audit revealed several buffer overflows
and other bugs that remote attackers could exploit to gain unauthorized
access to the system running the vulnerable OpenLDAP servers.
Additionally, various locally exploitable bugs in the OpenLDAP v2
libraries have been fixed as well.

Affected versions: 8.0, 8.1, 8.2, 9.0, Multi Network Firewall 8.2

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2003:006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1378
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1379
http://www.suse.de/security/2002_047_openldap2.html

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2002-1378
BugTraq ID: 6328
http://www.securityfocus.com/bid/6328
Computer Incident Advisory Center Bulletin: N-043
http://www.ciac.org/ciac/bulletins/n-043.shtml
Conectiva Linux advisory: CLA-2002:556
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000556
Debian Security Information: DSA-227 (Google Search)
http://www.debian.org/security/2003/dsa-227
http://www.securityfocus.com/advisories/4827
http://www.mandriva.com/security/advisories?name=MDKSA-2003:006
http://www.linuxsecurity.com/advisories/gentoo_advisory-2704.html
RedHat Security Advisories: RHSA-2003:040
SuSE Security Announcement: SuSE-SA:2002:047 (Google Search)
http://www.novell.com/linux/security/advisories/2002_047_openldap2.html
TurboLinux Advisory: TLSA-2003-5
http://www.turbolinux.com/security/TLSA-2003-5.txt
XForce ISS Database: openldap-multiple-bo(10800)
https://exchange.xforce.ibmcloud.com/vulnerabilities/10800
Common Vulnerability Exposure (CVE) ID: CVE-2002-1379

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.50670
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2003:006 (openldap)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to openldap announced via advisory MDKSA-2003:006. A review was completed by the SuSE Security Team on the OpenLDAP server software, and this audit revealed several buffer overflows and other bugs that remote attackers could exploit to gain unauthorized access to the system running the vulnerable OpenLDAP servers. Additionally, various locally exploitable bugs in the OpenLDAP v2 libraries have been fixed as well. Affected versions: 8.0, 8.1, 8.2, 9.0, Multi Network Firewall 8.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2003:006 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1378 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1379 http://www.suse.de/security/2002_047_openldap2.html Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2002-1378 BugTraq ID: 6328 http://www.securityfocus.com/bid/6328 Computer Incident Advisory Center Bulletin: N-043 http://www.ciac.org/ciac/bulletins/n-043.shtml Conectiva Linux advisory: CLA-2002:556 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000556 Debian Security Information: DSA-227 (Google Search) http://www.debian.org/security/2003/dsa-227 http://www.securityfocus.com/advisories/4827 http://www.mandriva.com/security/advisories?name=MDKSA-2003:006 http://www.linuxsecurity.com/advisories/gentoo_advisory-2704.html RedHat Security Advisories: RHSA-2003:040 SuSE Security Announcement: SuSE-SA:2002:047 (Google Search) http://www.novell.com/linux/security/advisories/2002_047_openldap2.html TurboLinux Advisory: TLSA-2003-5 http://www.turbolinux.com/security/TLSA-2003-5.txt XForce ISS Database: openldap-multiple-bo(10800) https://exchange.xforce.ibmcloud.com/vulnerabilities/10800 Common Vulnerability Exposure (CVE) ID: CVE-2002-1379
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com