S-199: OpenLDAP Vulnerability


 
Old 02-25-2008

There is a flaw in the way the OpenLDAP slapd daemon handled modify and modrdn requests with NOOP control on objects stored in a Berkeley DB (BDB) storage backend. The risk is LOW. An authenticated attacker with permission to perform modify or modrdn operations on such LDAP objects could cause slapd to crash.


SLAPD-DNSSRV(5)                File Formats Manual                SLAPD-DNSSRV(5)

NAME
       slapd-dnssrv - DNS SRV referral backend to slapd

SYNOPSIS
       /etc/openldap/slapd.conf

DESCRIPTION
       The DNSSRV backend to slapd(8) serves up referrals based upon SRV resource records held in the Domain Name System. This backend is experimental.

CONFIGURATION
       The DNSSRV backend has no backend-specific or database-specific options. It is configured simply by "database dnssrv" followed by a suffix directive, e.g. suffix "".

ACCESS CONTROL
       The dnssrv backend does not honor all ACL semantics as described in slapd.access(5). In fact, this backend only implements the search operation when the manageDSAit control (RFC 3296) is used; otherwise, for every operation a referral, whenever appropriate, or an error is returned. Currently, there is no means to condition the returning of the referral by means of ACLs; no access control is implemented, except for read (=r) access to the returned entries, which is actually provided by the frontend. Note, however, that the information returned by this backend is collected through the DNS, so it is public by definition.

FILES
       /etc/openldap/slapd.conf
              default slapd configuration file

SEE ALSO
       "OpenLDAP Root Service - An experimental LDAP referral service" [RFC 3088], "OpenLDAP LDAP Root Service" <http://www.openldap.org/faq/?file=393)>, slapd.conf(5), slapd(8)

OpenLDAP 2.4.39                      2014/01/26                   SLAPD-DNSSRV(5)
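The following is an added example, not part of the man page or of OpenLDAP: a small audit of a slapd.conf that reports `access` directives placed in a dnssrv database section (which, per ACCESS CONTROL above, the backend does not enforce) and lists bdb databases to check against the S-199 advisory. The function names and the sample configuration are assumptions constructed for illustration.

```python
import shlex

# Constructed sample slapd.conf (not from the page).
SAMPLE = '''\
# global ACL, applies to every database
access to * by * read

database bdb
suffix "dc=example,dc=com"
access to attrs=userPassword
    by self write
    by * auth

database dnssrv
suffix ""
access to * by users read
'''

def logical_lines(text):
    """Drop blank and '#' lines; fold lines starting with whitespace into the previous one."""
    out = []
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("#"):
            continue
        if raw[0] in " \t" and out:
            out[-1] += " " + raw.strip()
        else:
            out.append(raw.strip())
    return out

def audit(text):
    """Hypothetical helper: list (backend, suffix, note) findings per database section."""
    sections, db = [], None
    for line in logical_lines(text):
        tok = shlex.split(line)
        key = tok[0].lower()
        if key == "database" and len(tok) > 1:
            db = {"type": tok[1].lower(), "suffix": None, "acls": 0}
            sections.append(db)
        elif db and key == "suffix" and len(tok) > 1:
            db["suffix"] = tok[1]
        elif db and key == "access":
            db["acls"] += 1  # only ACLs inside a database section are counted
    findings = []
    for db in sections:
        if db["type"] == "dnssrv" and db["acls"]:
            findings.append(("dnssrv", db["suffix"], "access rules are not enforced by this backend"))
        elif db["type"] == "bdb":
            findings.append(("bdb", db["suffix"], "BDB backend: confirm slapd is patched for S-199"))
    return findings
```

Global `access` lines that appear before the first `database` directive are deliberately not attributed to any section.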