Conectiva Local Security Checks : Conectiva Security Advisory CLA-2003:685

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.51433

Categoría: Conectiva Local Security Checks

Título: Conectiva Security Advisory CLA-2003:685

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory CLA-2003:685.

OpenLDAP[1] is an LDAPv2 and LDAPv3 server available for several
platforms.

This update addresses the following issues in the OpenLDAP package
shipped with Conectiva Linux 9:

1) Denial of Service vulnerability[2]
A failed password extended operation (password EXOP) can cause
openldap to, if using the back-ldbm backend, attempt to free memory
which was never allocated, resulting in a segfault. The back-bdb
backend, on the other hand, has a memory leak in the same code. Both
conditions can be triggered remotely.

2) Crypt and md5 hash support[3]
The OpenLDAP packages shipped with Conectiva Linux 9 do not have
support for crypt and md5 password hashes. As a result, users
migrated to LDAP from system password files will not be able to
authenticate against the directory using simple binds.

3) One shot replication mode does not work[4]
The slurpd program shipped with OpenLDAP is responsible for
replicating data from a master OpenLDAP server to slave servers. It
has a replication mode called one shot which takes a replication
log file and attempts to replicate all changes to the specified
slaves and then exits. This mode was not working in openldap-2.1.16,
which is the version originally shipped with Conectiva Linux 9.

This announcement updates OpenLDAP for Conectiva Linux 9 to version
2.1.21, which, besides containing the fixes above and several others,
also includes many other improvements in indexes and performance.

Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

https://secure1.securityspace.com/smysecure/catid.html?in=CLA-2003:685
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003

Risk factor : High

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.51433
Categoría:	Conectiva Local Security Checks
Título:	Conectiva Security Advisory CLA-2003:685
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory CLA-2003:685. OpenLDAP[1] is an LDAPv2 and LDAPv3 server available for several platforms. This update addresses the following issues in the OpenLDAP package shipped with Conectiva Linux 9: 1) Denial of Service vulnerability[2] A failed password extended operation (password EXOP) can cause openldap to, if using the back-ldbm backend, attempt to free memory which was never allocated, resulting in a segfault. The back-bdb backend, on the other hand, has a memory leak in the same code. Both conditions can be triggered remotely. 2) Crypt and md5 hash support[3] The OpenLDAP packages shipped with Conectiva Linux 9 do not have support for crypt and md5 password hashes. As a result, users migrated to LDAP from system password files will not be able to authenticate against the directory using simple binds. 3) One shot replication mode does not work[4] The slurpd program shipped with OpenLDAP is responsible for replicating data from a master OpenLDAP server to slave servers. It has a replication mode called one shot which takes a replication log file and attempts to replicate all changes to the specified slaves and then exits. This mode was not working in openldap-2.1.16, which is the version originally shipped with Conectiva Linux 9. This announcement updates OpenLDAP for Conectiva Linux 9 to version 2.1.21, which, besides containing the fixes above and several others, also includes many other improvements in indexes and performance. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' https://secure1.securityspace.com/smysecure/catid.html?in=CLA-2003:685 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003 Risk factor : High
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com