 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.871119 |
| Categoría: | Red Hat Local Security Checks |
| Título: | RedHat Update for openldap RHSA-2014:0126-01 |
| Resumen: | The remote host is missing an update for the 'openldap'; package(s) announced via the referenced advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'openldap' package(s) announced via the referenced advisory. Vulnerability Insight: OpenLDAP is an open source suite of Lightweight Directory Access Protocol (LDAP) applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. A denial of service flaw was found in the way the OpenLDAP server daemon (slapd) performed reference counting when using the rwm (rewrite/remap) overlay. A remote attacker able to query the OpenLDAP server could use this flaw to crash the server by immediately unbinding from the server after sending a search request. (CVE-2013-4449) Red Hat would like to thank Michael Vishchers from Seven Principles AG for reporting this issue. This update also fixes the following bug: * Previously, OpenLDAP did not properly handle a number of simultaneous updates. As a consequence, sending a number of parallel update requests to the server could cause a deadlock. With this update, a superfluous locking mechanism causing the deadlock has been removed, thus fixing the bug. (BZ#1056124) All openldap users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Affected Software/OS: openldap on Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Workstation (v. 6) Solution: Please Install the Updated Packages. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2013-4449 1029711 http://www.securitytracker.com/id/1029711 20140401 Cisco Unified Communications Manager Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-4449 20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra https://seclists.org/bugtraq/2019/Dec/23 20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra http://seclists.org/fulldisclosure/2019/Dec/26 63190 http://www.securityfocus.com/bid/63190 DSA-3209 http://www.debian.org/security/2015/dsa-3209 MDVSA-2014:026 http://www.mandriva.com/security/advisories?name=MDVSA-2014:026 RHSA-2014:0126 http://rhn.redhat.com/errata/RHSA-2014-0126.html RHSA-2014:0206 http://rhn.redhat.com/errata/RHSA-2014-0206.html [oss-security] 20131018 Re: CVE request: slapd segfaults on certain queries with rwm overlay enabled http://www.openwall.com/lists/oss-security/2013/10/19/3 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735 http://www.openldap.org/its/index.cgi/Incoming?id=7723 http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html https://bugzilla.redhat.com/show_bug.cgi?id=1019490 https://support.apple.com/kb/HT210788 |
| Copyright | Copyright (C) 2014 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |