ID de Prueba:	1.3.6.1.4.1.25623.1.0.60704
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2008:0110
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2008:0110. OpenLDAP is an open source suite of Lightweight Directory Access Protocol (LDAP) applications and development tools. LDAP is a set of protocols for accessing directory services. These updated openldap packages fix a flaw in the way the OpenLDAP slapd daemon handled modify and modrdn requests with NOOP control on objects stored in a Berkeley DB (BDB) storage backend. An authenticated attacker with permission to perform modify or modrdn operations on such LDAP objects could cause slapd to crash. (CVE-2007-6698, CVE-2008-0658) Users of openldap should upgrade to these updated packages, which contain a backported patch to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2008-0110.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : Medium CVSS Score: 4.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-6698 http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html BugTraq ID: 26245 http://www.securityfocus.com/bid/26245 Bugtraq: 20080212 rPSA-2008-0059-1 openldap openldap-clients openldap-servers (Google Search) http://www.securityfocus.com/archive/1/488242/100/200/threaded Debian Security Information: DSA-1541 (Google Search) http://www.debian.org/security/2008/dsa-1541 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00105.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:058 http://www.openldap.org/lists/openldap-bugs/200704/msg00067.html http://www.openldap.org/lists/openldap-bugs/200704/msg00068.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10748 http://www.redhat.com/support/errata/RHSA-2008-0110.html http://www.securitytracker.com/id?1019480 http://secunia.com/advisories/28817 http://secunia.com/advisories/28953 http://secunia.com/advisories/29068 http://secunia.com/advisories/29225 http://secunia.com/advisories/29256 http://secunia.com/advisories/29682 http://secunia.com/advisories/29957 SuSE Security Announcement: SUSE-SR:2008:010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html http://www.ubuntu.com/usn/usn-584-1 http://www.vupen.com/english/advisories/2009/3184 Common Vulnerability Exposure (CVE) ID: CVE-2008-0658 1019481 http://www.securitytracker.com/id?1019481 20080212 rPSA-2008-0059-1 openldap openldap-clients openldap-servers 27778 http://www.securityfocus.com/bid/27778 28914 http://secunia.com/advisories/28914 28926 http://secunia.com/advisories/28926 28953 29068 29225 29256 29461 http://secunia.com/advisories/29461 29682 29957 ADV-2008-0536 http://www.vupen.com/english/advisories/2008/0536/references ADV-2009-3184 APPLE-SA-2009-11-09-1 DSA-1541 GLSA-200803-28 http://security.gentoo.org/glsa/glsa-200803-28.xml MDVSA-2008:058 RHSA-2008:0110 SUSE-SR:2008:010 USN-584-1 http://support.apple.com/kb/HT3937 http://wiki.rpath.com/Advisories:rPSA-2008-0059 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059 http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197&r2=1.198&f=h http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358 openldap-modrdn-dos(40479) https://exchange.xforce.ibmcloud.com/vulnerabilities/40479 oval:org.mitre.oval:def:9470 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9470
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.