|Category:||SuSE Local Security Checks|
|Title:||SUSE: Security Advisory (SUSE-SU-2015:0887-1)|
|Summary:||The remote host is missing an update for the 'openldap2' package(s) announced via the SUSE-SU-2015:0887-1 advisory.|
The remote host is missing an update for the 'openldap2' package(s) announced via the SUSE-SU-2015:0887-1 advisory.
openldap2 was updated to fix three security issues and one non-security bug.
The following vulnerabilities were fixed:
A remote attacker could cause a denial of service (slapd crash) by unbinding immediately after a search request. (bnc#846389, CVE-2013-4449)
A remote attacker could cause a denial of service through a NULL pointer dereference and crash via an empty attribute list in a deref control in a search request. (bnc#916897, CVE-2015-1545)
A remote attacker could cause a denial of service (crash) via a crafted search query with a matched values control. (bnc#916914, CVE-2015-1546)
The following non-security bug was fixed:
Prevent connection-0 (internal connection) from showing up in the monitor back-end. (bnc#905959)
CVE-2015-1546 CVE-2015-1545 CVE-2013-4449
'openldap2' package(s) on SUSE Linux Enterprise Software Development Kit 11 SP3, SUSE Linux Enterprise Server 11 SP3, SUSE Linux Enterprise Security Module 11 SP3, SUSE Linux Enterprise Desktop 11 SP3
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2013-4449|
BugTraq ID: 63190
Bugtraq: 20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra (Google Search)
Cisco Security Advisory: 20140401 Cisco Unified Communications Manager Denial of Service Vulnerability
Debian Security Information: DSA-3209 (Google Search)
RedHat Security Advisories: RHSA-2014:0126
RedHat Security Advisories: RHSA-2014:0206
Common Vulnerability Exposure (CVE) ID: CVE-2015-1545
BugTraq ID: 72519
SuSE Security Announcement: openSUSE-SU-2015:1325 (Google Search)
XForce ISS Database: openldap-cve20151545-dos(100937)
Common Vulnerability Exposure (CVE) ID: CVE-2015-1546
XForce ISS Database: openldap-cve20151546-dos(100938)
|Copyright||Copyright (C) 2021 Greenbone Networks GmbH|
|This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.