oss-sec mailing list archives

Re: CVE Request -- OpenLDAP -- two issues

From: Thomas Biege <thomas () suse de>
Date: Mon, 28 Feb 2011 14:16:06 +0100


The following might also need a CVE-ID.

https://bugzilla.novell.com/show_bug.cgi?id=674985#c1
------------------------------------------------------------------------------
http://www.openldap.org/its/index.cgi/Software Bugs?id=6768

That's a pretty bad DOS. Everybody (even unauthenticated users) can kill the
server by submitting a MODRDN request with an empty "olddn" value and "remove
old RDN" set (-r). Example:

      ldapmodrdn -x -H ldap://ldapserver -r '' o=test 
------------------------------------------------------------------------------


Am Freitag 25 Februar 2011 17:18:08 schrieb Josh Bressers:

----- Original Message -----

Hello Josh, Steve, vendors,

looks like the following two issues did not get a CVE identifiers yet:
[1] http://secunia.com/advisories/43331/


The above advisory covers both bugs below.

[2] http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6607


CVE-2011-1024 openldap forwarded bind failure messages cause success

[3] http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6661


CVE-2011-1025 openldap rootpw is not verified with slapd.conf


Thanks.


-- 
 Thomas Biege <thomas () suse de>, SUSE LINUX, Security Support & Auditing
 SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
--
  Wer aufhoert besser werden zu wollen, hoert auf gut zu sein.
                            -- Marie von Ebner-Eschenbach

Current thread:

CVE Request -- OpenLDAP -- two issues Jan Lieskovsky (Feb 24)
- Re: CVE Request -- OpenLDAP -- two issues Josh Bressers (Feb 25)
  - Re: CVE Request -- OpenLDAP -- two issues Thomas Biege (Feb 28)
    - Re: CVE Request -- OpenLDAP -- two issues Vincent Danen (Feb 28)
    - Re: CVE Request -- OpenLDAP -- two issues Ralf Haferkamp (Mar 01)
    - Re: CVE Request -- OpenLDAP -- two issues Vincent Danen (Mar 01)
    - Re: CVE Request -- OpenLDAP -- two issues Josh Bressers (Mar 01)