Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2014-0062)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2014.0062

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2014-0062)

Resumen: The remote host is missing an update for the 'openldap' package(s) announced via the MGASA-2014-0062 advisory.

Descripción: Summary:
The remote host is missing an update for the 'openldap' package(s) announced via the MGASA-2014-0062 advisory.

Vulnerability Insight:
A denial of service flaw was found in the way the OpenLDAP server daemon
(slapd) performed reference counting when using the rwm (rewrite/remap)
overlay. A remote attacker able to query the OpenLDAP server could use this
flaw to crash the server by immediately unbinding from the server after
sending a search request (CVE-2013-4449).

Affected Software/OS:
'openldap' package(s) on Mageia 3, Mageia 4.

Solution:
Please install the updated package(s).

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-4449
1029711
http://www.securitytracker.com/id/1029711
20140401 Cisco Unified Communications Manager Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-4449
20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra
https://seclists.org/bugtraq/2019/Dec/23
20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra
http://seclists.org/fulldisclosure/2019/Dec/26
63190
http://www.securityfocus.com/bid/63190
DSA-3209
http://www.debian.org/security/2015/dsa-3209
MDVSA-2014:026
http://www.mandriva.com/security/advisories?name=MDVSA-2014:026
RHSA-2014:0126
http://rhn.redhat.com/errata/RHSA-2014-0126.html
RHSA-2014:0206
http://rhn.redhat.com/errata/RHSA-2014-0206.html
[oss-security] 20131018 Re: CVE request: slapd segfaults on certain queries with rwm overlay enabled
http://www.openwall.com/lists/oss-security/2013/10/19/3
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735
http://www.openldap.org/its/index.cgi/Incoming?id=7723
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
https://bugzilla.redhat.com/show_bug.cgi?id=1019490
https://support.apple.com/kb/HT210788

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2014.0062
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2014-0062)
Resumen:	The remote host is missing an update for the 'openldap' package(s) announced via the MGASA-2014-0062 advisory.
Descripción:	Summary: The remote host is missing an update for the 'openldap' package(s) announced via the MGASA-2014-0062 advisory. Vulnerability Insight: A denial of service flaw was found in the way the OpenLDAP server daemon (slapd) performed reference counting when using the rwm (rewrite/remap) overlay. A remote attacker able to query the OpenLDAP server could use this flaw to crash the server by immediately unbinding from the server after sending a search request (CVE-2013-4449). Affected Software/OS: 'openldap' package(s) on Mageia 3, Mageia 4. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4449 1029711 http://www.securitytracker.com/id/1029711 20140401 Cisco Unified Communications Manager Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-4449 20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra https://seclists.org/bugtraq/2019/Dec/23 20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra http://seclists.org/fulldisclosure/2019/Dec/26 63190 http://www.securityfocus.com/bid/63190 DSA-3209 http://www.debian.org/security/2015/dsa-3209 MDVSA-2014:026 http://www.mandriva.com/security/advisories?name=MDVSA-2014:026 RHSA-2014:0126 http://rhn.redhat.com/errata/RHSA-2014-0126.html RHSA-2014:0206 http://rhn.redhat.com/errata/RHSA-2014-0206.html [oss-security] 20131018 Re: CVE request: slapd segfaults on certain queries with rwm overlay enabled http://www.openwall.com/lists/oss-security/2013/10/19/3 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735 http://www.openldap.org/its/index.cgi/Incoming?id=7723 http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html https://bugzilla.redhat.com/show_bug.cgi?id=1019490 https://support.apple.com/kb/HT210788
Copyright	Copyright (C) 2022 Greenbone AG