English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.59928
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-551-1 (openldap)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to openldap
announced via advisory USN-551-1.

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

Thomas Sesselmann discovered that the OpenLDAP slapd server
did not properly handle certain modify requests. A remote
attacker could send malicious modify requests to the server
and cause a denial of service. (CVE-2007-5707)

Toby Blake discovered that slapd did not properly terminate
an array while running as a proxy-caching server. A remote
attacker may be able to send crafted search requests to the
server and cause a denial of service. This issue only affects
Ubuntu 7.04 and 7.10. (CVE-2007-5708)

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
slapd 2.2.26-5ubuntu2.4

Ubuntu 6.10:
slapd 2.2.26-5ubuntu3.2

Ubuntu 7.04:
slapd 2.3.30-2ubuntu0.1

Ubuntu 7.10:
slapd 2.3.35-1ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-551-1

Risk factor : High

CVSS Score:
7.5

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-5707
1018924
http://www.securitytracker.com/id?1018924
26245
http://www.securityfocus.com/bid/26245
27424
http://secunia.com/advisories/27424
27587
http://secunia.com/advisories/27587
27596
http://secunia.com/advisories/27596
27683
http://secunia.com/advisories/27683
27756
http://secunia.com/advisories/27756
27868
http://secunia.com/advisories/27868
29461
http://secunia.com/advisories/29461
29682
http://secunia.com/advisories/29682
ADV-2007-3645
http://www.vupen.com/english/advisories/2007/3645
ADV-2009-3184
http://www.vupen.com/english/advisories/2009/3184
APPLE-SA-2009-11-09-1
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
DSA-1541
http://www.debian.org/security/2008/dsa-1541
FEDORA-2007-741
http://www.redhat.com/archives/fedora-package-announce/2007-November/msg00460.html
GLSA-200803-28
http://security.gentoo.org/glsa/glsa-200803-28.xml
MDKSA-2007:215
http://www.mandriva.com/security/advisories?name=MDKSA-2007:215
RHSA-2007:1037
http://www.redhat.com/support/errata/RHSA-2007-1037.html
RHSA-2007:1038
http://www.redhat.com/support/errata/RHSA-2007-1038.html
SUSE-SR:2007:024
http://www.novell.com/linux/security/advisories/2007_24_sr.html
USN-551-1
http://www.ubuntu.com/usn/usn-551-1
[openldap-announce] 20071026 OpenLDAP 2.3.39 available
http://www.openldap.org/lists/openldap-announce/200710/msg00001.html
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440632
http://support.apple.com/kb/HT3937
http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5119
oval:org.mitre.oval:def:10183
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10183
Common Vulnerability Exposure (CVE) ID: CVE-2007-5708
29225
http://secunia.com/advisories/29225
MDVSA-2008:058
http://www.mandriva.com/security/advisories?name=MDVSA-2008:058
http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5163
Common Vulnerability Exposure (CVE) ID: CVE-2007-3998
Debian Security Information: DSA-1444 (Google Search)
http://www.debian.org/security/2008/dsa-1444
Debian Security Information: DSA-1578 (Google Search)
http://www.debian.org/security/2008/dsa-1578
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html
http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:187
http://secweb.se/en/advisories/php-wordwrap-vulnerability/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10603
RedHat Security Advisories: RHSA-2007:0889
http://rhn.redhat.com/errata/RHSA-2007-0889.html
http://www.redhat.com/support/errata/RHSA-2007-0890.html
http://www.redhat.com/support/errata/RHSA-2007-0891.html
http://secunia.com/advisories/26642
http://secunia.com/advisories/26822
http://secunia.com/advisories/26838
http://secunia.com/advisories/26871
http://secunia.com/advisories/26895
http://secunia.com/advisories/26930
http://secunia.com/advisories/26967
http://secunia.com/advisories/27102
http://secunia.com/advisories/27377
http://secunia.com/advisories/27545
http://secunia.com/advisories/27864
http://secunia.com/advisories/28249
http://secunia.com/advisories/28658
http://secunia.com/advisories/30288
SuSE Security Announcement: SUSE-SA:2008:004 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html
http://www.trustix.org/errata/2007/0026/
https://usn.ubuntu.com/549-1/
http://www.ubuntu.com/usn/usn-549-2
http://www.vupen.com/english/advisories/2007/3023
Common Vulnerability Exposure (CVE) ID: CVE-2007-4657
http://secweb.se/en/advisories/php-strcspn-information-leak-vulnerability/
http://secunia.com/advisories/28318
http://secunia.com/advisories/28936
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136
http://www.vupen.com/english/advisories/2008/0059
XForce ISS Database: php-strcspn-overflow(36388)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36388
XForce ISS Database: php-strcspn-strspn-unspecified(39399)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39399
Common Vulnerability Exposure (CVE) ID: CVE-2007-4658
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10363
XForce ISS Database: php-moneyformat-unspecified(36377)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36377
Common Vulnerability Exposure (CVE) ID: CVE-2007-4662
XForce ISS Database: php-phpopensslmakereq-bo(36390)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36390
Common Vulnerability Exposure (CVE) ID: CVE-2007-3799
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
BugTraq ID: 24268
http://www.securityfocus.com/bid/24268
http://www.php-security.org/MOPB/PMOPB-46-2007.html
http://osvdb.org/36855
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9792
http://www.redhat.com/support/errata/RHSA-2007-0888.html
http://secunia.com/advisories/27351
http://secunia.com/advisories/29420
SuSE Security Announcement: SUSE-SR:2007:015 (Google Search)
http://www.novell.com/linux/security/advisories/2007_15_sr.html
http://www.vupen.com/english/advisories/2008/0924/references
Common Vulnerability Exposure (CVE) ID: CVE-2007-2872
1018186
http://www.securitytracker.com/id?1018186
2007-0023
http://www.trustix.org/errata/2007/0023/
20070601 SEC Consult SA-20070601-0 :: PHP chunk_split() integer overflow
http://www.securityfocus.com/archive/1/470244/100/0/threaded
24261
http://www.securityfocus.com/bid/24261
25456
http://secunia.com/advisories/25456
25535
http://secunia.com/advisories/25535
26048
http://secunia.com/advisories/26048
26231
http://secunia.com/advisories/26231
26838
26871
26895
26930
26967
27037
http://secunia.com/advisories/27037
27102
27110
http://secunia.com/advisories/27110
27351
27377
27545
27864
28318
28658
28750
http://secunia.com/advisories/28750
28936
30040
http://secunia.com/advisories/30040
36083
http://osvdb.org/36083
ADV-2007-2061
http://www.vupen.com/english/advisories/2007/2061
ADV-2007-3386
http://www.vupen.com/english/advisories/2007/3386
ADV-2008-0059
ADV-2008-0398
http://www.vupen.com/english/advisories/2008/0398
FEDORA-2007-2215
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html
FEDORA-2007-709
GLSA-200710-02
HPSBUX02262
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
HPSBUX02308
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501
HPSBUX02332
http://www.securityfocus.com/archive/1/491693/100/0/threaded
MDKSA-2007:187
OpenPKG-SA-2007.020
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.020.html
RHSA-2007:0888
RHSA-2007:0889
RHSA-2007:0890
RHSA-2007:0891
SSA:2007-152-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.482863
SSA:2008-045-03
SSRT071447
SSRT080010
SSRT080056
SUSE-SA:2007:044
http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html
SUSE-SA:2008:004
USN-549-1
USN-549-2
http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm
http://www.php.net/ChangeLog-4.php
http://www.php.net/releases/4_4_8.php
http://www.php.net/releases/5_2_3.php
http://www.sec-consult.com/291.html
https://issues.rpath.com/browse/RPL-1693
https://issues.rpath.com/browse/RPL-1702
https://launchpad.net/bugs/173043
oval:org.mitre.oval:def:9424
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9424
php-chunksplit-security-bypass(39398)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39398
Common Vulnerability Exposure (CVE) ID: CVE-2007-4660
http://www.mandriva.com/security/advisories?name=MDVSA-2008:125
http://www.mandriva.com/security/advisories?name=MDVSA-2008:126
Common Vulnerability Exposure (CVE) ID: CVE-2007-4661
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.445.2.14.2.58&r2=1.445.2.14.2.59
Common Vulnerability Exposure (CVE) ID: CVE-2007-1285
BugTraq ID: 22764
http://www.securityfocus.com/bid/22764
Bugtraq: 20070418 rPSA-2007-0073-1 php php-mysql php-pgsql (Google Search)
http://www.securityfocus.com/archive/1/466166/100/0/threaded
http://security.gentoo.org/glsa/glsa-200705-19.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:087
http://www.mandriva.com/security/advisories?name=MDKSA-2007:088
http://www.mandriva.com/security/advisories?name=MDKSA-2007:089
http://www.mandriva.com/security/advisories?name=MDKSA-2007:090
http://www.php-security.org/MOPB/MOPB-03-2007.html
http://www.osvdb.org/32769
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11017
http://www.redhat.com/support/errata/RHSA-2007-0082.html
RedHat Security Advisories: RHSA-2007:0154
http://rhn.redhat.com/errata/RHSA-2007-0154.html
RedHat Security Advisories: RHSA-2007:0155
http://rhn.redhat.com/errata/RHSA-2007-0155.html
http://www.redhat.com/support/errata/RHSA-2007-0162.html
RedHat Security Advisories: RHSA-2007:0163
http://rhn.redhat.com/errata/RHSA-2007-0163.html
http://www.securitytracker.com/id?1017771
http://secunia.com/advisories/24909
http://secunia.com/advisories/24910
http://secunia.com/advisories/24924
http://secunia.com/advisories/24941
http://secunia.com/advisories/24945
http://secunia.com/advisories/25445
SuSE Security Announcement: SUSE-SA:2007:044 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2007-4670
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11028
Common Vulnerability Exposure (CVE) ID: CVE-2007-5898
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html
HPdes Security Advisory: HPSBUX02332
HPdes Security Advisory: SSRT080056
http://www.mandriva.com/security/advisories?name=MDVSA-2008:127
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10080
http://www.redhat.com/support/errata/RHSA-2008-0505.html
http://www.redhat.com/support/errata/RHSA-2008-0544.html
http://www.redhat.com/support/errata/RHSA-2008-0545.html
http://www.redhat.com/support/errata/RHSA-2008-0546.html
http://www.redhat.com/support/errata/RHSA-2008-0582.html
http://securitytracker.com/id?1018934
http://secunia.com/advisories/27648
http://secunia.com/advisories/27659
http://secunia.com/advisories/30828
http://secunia.com/advisories/31119
http://secunia.com/advisories/31124
http://secunia.com/advisories/31200
http://www.ubuntu.com/usn/usn-628-1
Common Vulnerability Exposure (CVE) ID: CVE-2007-5899
http://osvdb.org/38918
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11211
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.