Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200403-12] OpenLDAP DoS Vulnerability: Vulnerability Scan
Vulnerability Scan Summary: OpenLDAP DoS Vulnerability
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200403-12
(OpenLDAP DoS Vulnerability)
A password extended operation (password EXOP) which fails will cause the
slapd server to free() an uninitialized pointer, possibly resulting in a
segfault. This only affects servers using the back-ldbm backend.
Such a crash is not guaranteed with every failed operation; however, it is
possible.
Impact
An attacker (or indeed, a normal user) may crash the OpenLDAP server,
creating a Denial of Service condition.
Workaround
A workaround is not currently known for this issue. All users are
advised to upgrade to the latest version of OpenLDAP.
References:
http://www.openldap.org/its/index.cgi?findid=2390
Solution:
OpenLDAP users should upgrade to version 2.1.17 or later:
# emerge sync
# emerge -pv ">=net-nds/openldap-2.1.17"
# emerge ">=net-nds/openldap-2.1.17"
Threat Level: Medium