ID de Prueba:	1.3.6.1.4.1.25623.1.0.58981
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:1037
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2007:1037. OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. A flaw was found in the way OpenLDAP's slapd daemon handled malformed objectClasses LDAP attributes. A local or remote attacker could create an LDAP request which could cause a denial of service by crashing slapd. (CVE-2007-5707) In addition, the following feature was added: * OpenLDAP client tools now have new option to configure their bind timeout. All users are advised to upgrade to these updated openldap packages, which contain a backported patch to correct this issue and provide this security enhancement. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-1037.html http://www.redhat.com/security/updates/classification/#important Risk factor : High CVSS Score: 7.1
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5707 1018924 http://www.securitytracker.com/id?1018924 26245 http://www.securityfocus.com/bid/26245 27424 http://secunia.com/advisories/27424 27587 http://secunia.com/advisories/27587 27596 http://secunia.com/advisories/27596 27683 http://secunia.com/advisories/27683 27756 http://secunia.com/advisories/27756 27868 http://secunia.com/advisories/27868 29461 http://secunia.com/advisories/29461 29682 http://secunia.com/advisories/29682 ADV-2007-3645 http://www.vupen.com/english/advisories/2007/3645 ADV-2009-3184 http://www.vupen.com/english/advisories/2009/3184 APPLE-SA-2009-11-09-1 http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html DSA-1541 http://www.debian.org/security/2008/dsa-1541 FEDORA-2007-741 http://www.redhat.com/archives/fedora-package-announce/2007-November/msg00460.html GLSA-200803-28 http://security.gentoo.org/glsa/glsa-200803-28.xml MDKSA-2007:215 http://www.mandriva.com/security/advisories?name=MDKSA-2007:215 RHSA-2007:1037 http://www.redhat.com/support/errata/RHSA-2007-1037.html RHSA-2007:1038 http://www.redhat.com/support/errata/RHSA-2007-1038.html SUSE-SR:2007:024 http://www.novell.com/linux/security/advisories/2007_24_sr.html USN-551-1 http://www.ubuntu.com/usn/usn-551-1 [openldap-announce] 20071026 OpenLDAP 2.3.39 available http://www.openldap.org/lists/openldap-announce/200710/msg00001.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440632 http://support.apple.com/kb/HT3937 http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5119 oval:org.mitre.oval:def:10183 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10183
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.