Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-634-1: OpenLDAP vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-634-1: OpenLDAP vulnerability
# 1  
Old 08-01-2008
USN-634-1: OpenLDAP vulnerability
Referenced CVEs:
CVE-2008-2952


Description:
=========================================================== Ubuntu Security Notice USN-634-1 August 01, 2008 openldap2.2, openldap2.3 vulnerability CVE-2008-2952 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: slapd 2.2.26-5ubuntu2.8 Ubuntu 7.04: slapd 2.3.30-2ubuntu0.3 Ubuntu 7.10: slapd 2.3.35-1ubuntu0.3 Ubuntu 8.04 LTS: slapd 2.4.9-0ubuntu0.8.04.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Cameron Hotchkies discovered that OpenLDAP did not correctly handle certain ASN.1 BER data. A remote attacker could send a specially crafted packet and crash slapd, leading to a denial of service.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT REDHAT

ldapfriendly

LDAPFRIENDLY(5) 						File Formats Manual						   LDAPFRIENDLY(5)

NAME

       ldapfriendly - data file for LDAP friendly routines

SYNOPSIS

       /usr/share/openldap/ldapfriendly

DESCRIPTION

       The  file  /usr/share/openldap/ldapfriendly contains simple mapping information used by the ldap_friendly_name(3) routine.  Blank lines and
       lines that have a first character of `#' are treated as comments and ignored.  The information consists of lines that contain an "unfriend-
       ly" name, a tab, and a "friendly" name.

       Other  friendly	mapping  files	can  be  created  and used by ldap_friendly_name(3).  Just use the same format as that described above and
       include the file name in the ldap_friendly_name() call.

FILES

       /usr/share/openldap/ldapfriendly

SEE ALSO

       ldap(3), ldap_friendly_name(3)

ACKNOWLEDGEMENTS

       OpenLDAP is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).  OpenLDAP is derived from University  of  Michigan
       LDAP 3.3 Release.

OpenLDAP 2.0.27-Release 					  20 August 2000						   LDAPFRIENDLY(5)