Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-634-1: OpenLDAP vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-634-1: OpenLDAP vulnerability
# 1  
Old 08-01-2008
USN-634-1: OpenLDAP vulnerability
Referenced CVEs:
CVE-2008-2952


Description:
=========================================================== Ubuntu Security Notice USN-634-1 August 01, 2008 openldap2.2, openldap2.3 vulnerability CVE-2008-2952 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: slapd 2.2.26-5ubuntu2.8 Ubuntu 7.04: slapd 2.3.30-2ubuntu0.3 Ubuntu 7.10: slapd 2.3.35-1ubuntu0.3 Ubuntu 8.04 LTS: slapd 2.4.9-0ubuntu0.8.04.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Cameron Hotchkies discovered that OpenLDAP did not correctly handle certain ASN.1 BER data. A remote attacker could send a specially crafted packet and crash slapd, leading to a denial of service.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

slapo-collect

SLAPO-COLLECT(5)						File Formats Manual						  SLAPO-COLLECT(5)

NAME

       slapo-collect - Collective attributes overlay to slapd

SYNOPSIS

       /etc/ldap/slapd.conf

DESCRIPTION

       The  collect  overlay  is  used	to  provide  a relatively coarse implementation of RFC 3671 collective attributes.  In X.500, a collective
       attribute is "a user attribute whose values are the same for each member of an entry collection".

       Collective attributes are added to entries returned by a search operation when the entry is within the scope of the related ancestor.  Col-
       lective attributes can only be modified when the modification affects the related ancestor.

CONFIGURATION

       This slapd.conf option applies to the collect overlay.  It should appear after the overlay directive.

       collectinfo <DN> <attrlist>
	      Specify  the  DN	of  the  ancestor  entry and the set of related collective attributes, where attrlist is a comma-separated list of
	      attributes.  The DN should be within the naming context of the database.

FILES

       /etc/ldap/slapd.conf
	      default slapd configuration file

SEE ALSO

       slapd.conf(5), slapd-config(5), The slapo-collect(5) overlay supports dynamic configuration via back-config.

ACKNOWLEDGEMENTS

       This module was written in 2003 by Howard Chu.  This man page was written in 2008 by Pierangelo Masarati.  OpenLDAP Software  is  developed
       and  maintained	by  The  OpenLDAP  Project  <http://www.openldap.org/>.  OpenLDAP Software is derived from University of Michigan LDAP 3.3
       Release.

OpenLDAP							    2012/04/23							  SLAPO-COLLECT(5)