Test ID:	1.3.6.1.4.1.25623.1.1.12.2006.305.1
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-305-1)
Summary:	The remote host is missing an update for the 'openldap2, openldap2.2' package(s) announced via the USN-305-1 advisory.
Description:	Summary: The remote host is missing an update for the 'openldap2, openldap2.2' package(s) announced via the USN-305-1 advisory. Vulnerability Insight: When processing overly long host names in OpenLDAP's slurpd replication server, a buffer overflow caused slurpd to crash. If an attacker manages to inject a specially crafted host name into slurpd, this might also be exploited to execute arbitrary code with slurpd's privileges, however, since slurpd is usually set up to replicate only trusted machines, this should not be exploitable in normal cases. Affected Software/OS: 'openldap2, openldap2.2' package(s) on Ubuntu 5.04, Ubuntu 5.10, Ubuntu 6.06. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-2754 Bugtraq: 20060609 rPSA-2006-0099-1 openldap openldap-clients openldap-servers (Google Search) http://www.securityfocus.com/archive/1/436674/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200606-17.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:096 http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.008-openldap.html http://www.osvdb.org/25659 http://secunia.com/advisories/20126 http://secunia.com/advisories/20495 http://secunia.com/advisories/20685 http://secunia.com/advisories/20848 https://usn.ubuntu.com/305-1/ http://www.vupen.com/english/advisories/2006/1921
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.