Bugtraq mailing list archives

rPSA-2006-0099-1 openldap openldap-clients openldap-servers


From: "Justin M. Forbes" <jmforbes () rpath com>
Date: Fri, 09 Jun 2006 16:54:51 -0400

rPath Security Advisory: 2006-0099-1
Published: 2006-06-09
Products: rPath Linux 1
Rating: Minor
Exposure Level Classification:
    Weakness
Updated Versions:
    openldap=/conary.rpath.com@rpl:devel//1/2.2.26-8.3-1
    openldap-clients=/conary.rpath.com@rpl:devel//1/2.2.26-8.3-1
    openldap-servers=/conary.rpath.com@rpl:devel//1/2.2.26-8.3-1

References:
    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2754
    http://issues.rpath.com/browse/RPL-423
    http://secunia.com/advisories/20126

Description:
    Previous versions of the openldap server have a weakness reading
    the openldap status file.  This weakness may result in some
    vulnerability, which may include denial of service or remote
    privilege escalation when an openldap service is exposed.

