|Category:||Ubuntu Local Security Checks|
|Title:||Ubuntu USN-1100-1 (openldap2.3)|
|Summary:||Ubuntu USN-1100-1 (openldap2.3)|
|Description:||The remote host is missing an update to openldap2.3
announced via advisory USN-1100-1.

It was discovered that OpenLDAP did not properly check forwarded
authentication failures when using a slave server and chain overlay. If
OpenLDAP were configured in this manner, an attacker could bypass
authentication checks by sending an invalid password to a slave server.

It was discovered that OpenLDAP did not properly perform authentication
checks to the rootdn when using the back-ndb backend. An attacker could
exploit this to access the directory by sending an arbitrary password.
Ubuntu does not ship OpenLDAP with back-ndb support by default. This issue
did not affect Ubuntu 8.04 LTS. (CVE-2011-1025)

It was discovered that OpenLDAP did not properly validate modrdn requests.
An unauthenticated remote user could use this to cause a denial of service
via application crash. (CVE-2011-1081)

The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 8.04 LTS:
Ubuntu 10.04 LTS:

In general, a standard system update will make all the necessary changes.

Risk factor : High
Common Vulnerability Exposure (CVE) ID: CVE-2011-1024|
Common Vulnerability Exposure (CVE) ID: CVE-2011-1025
Common Vulnerability Exposure (CVE) ID: CVE-2011-1081
XForce ISS Database: openldap-modrdnc-dos(66239)
|Copyright||Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com|