Lucene search
This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-4792.NASLHistoryNov 18, 2020 - 12:00 a.m.
Debian DSA-4792-1 : openldap - security update
2020-11-1800:00:00
This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
19
Two vulnerabilities in the certificate list syntax verification and in the handling of CSN normalization were discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can take advantage of these flaws to cause a denial of service (slapd daemon crash) via specially crafted packets.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-4792. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include("compat.inc");
if (description)
{
script_id(143002);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/04/20");
script_cve_id("CVE-2020-25709", "CVE-2020-25710");
script_xref(name:"DSA", value:"4792");
script_name(english:"Debian DSA-4792-1 : openldap - security update");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"Two vulnerabilities in the certificate list syntax verification and in
the handling of CSN normalization were discovered in OpenLDAP, a free
implementation of the Lightweight Directory Access Protocol. An
unauthenticated remote attacker can take advantage of these flaws to
cause a denial of service (slapd daemon crash) via specially crafted
packets."
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/source-package/openldap"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/buster/openldap"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.debian.org/security/2020/dsa-4792"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the openldap packages.
For the stable distribution (buster), these problems have been fixed
in version 2.4.47+dfsg-3+deb10u4."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-25710");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:openldap");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0");
script_set_attribute(attribute:"patch_publication_date", value:"2020/11/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/11/18");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"10.0", prefix:"ldap-utils", reference:"2.4.47+dfsg-3+deb10u4")) flag++;
if (deb_check(release:"10.0", prefix:"libldap-2.4-2", reference:"2.4.47+dfsg-3+deb10u4")) flag++;
if (deb_check(release:"10.0", prefix:"libldap-common", reference:"2.4.47+dfsg-3+deb10u4")) flag++;
if (deb_check(release:"10.0", prefix:"libldap2-dev", reference:"2.4.47+dfsg-3+deb10u4")) flag++;
if (deb_check(release:"10.0", prefix:"slapd", reference:"2.4.47+dfsg-3+deb10u4")) flag++;
if (deb_check(release:"10.0", prefix:"slapd-contrib", reference:"2.4.47+dfsg-3+deb10u4")) flag++;
if (deb_check(release:"10.0", prefix:"slapd-smbk5pwd", reference:"2.4.47+dfsg-3+deb10u4")) flag++;
if (deb_check(release:"10.0", prefix:"slapi-dev", reference:"2.4.47+dfsg-3+deb10u4")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| debian | debian_linux | openldap | p-cpe:/a:debian:debian_linux:openldap |
| debian | debian_linux | 10.0 | cpe:/o:debian:debian_linux:10.0 |
Related
nessus
nessus
NewStart CGSL CORE 5.05 / MAIN 5.05 : openldap Multiple Vulnerabilities (NS-SA-2023-0016)
2023-04-11 00:00:00
EulerOS 2.0 SP9 : openldap (EulerOS-SA-2021-2277)
2021-08-09 00:00:00
Debian DLA-2481-1 : openldap security update
2020-12-07 00:00:00
amazon
amazon
Medium: openldap
2022-04-04 23:22:00
ubuntu
ubuntu
OpenLDAP vulnerabilities
2020-11-23 00:00:00
OpenLDAP vulnerabilities
2020-11-17 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:0142-1)
2021-06-09 00:00:00
Huawei EulerOS: Security Advisory for openldap (EulerOS-SA-2021-2310)
2021-08-09 00:00:00
Huawei EulerOS: Security Advisory for openldap (EulerOS-SA-2021-2251)
2021-08-09 00:00:00
osv
osv
openldap vulnerabilities
2020-11-17 13:10:04
openldap - security update
2020-11-17 00:00:00
openldap - security update
2020-12-04 00:00:00
redhat
redhat
(RHSA-2022:0621) Moderate: openldap security update
2022-02-22 14:26:35
(RHSA-2022:1039) Important: Red Hat OpenShift GitOps security update
2022-03-23 21:13:24
(RHSA-2022:1042) Important: Red Hat OpenShift GitOps security update
2022-03-23 21:22:01
oraclelinux
oraclelinux
openldap security update
2022-02-23 00:00:00
suse
suse
Security update for openldap2 (moderate)
2021-01-17 00:00:00
Security update for openldap2 (moderate)
2021-01-18 00:00:00
debian
debian
[SECURITY] [DSA 4792-1] openldap security update
2020-11-17 14:50:10
[SECURITY] [DLA 2481-1] openldap security update
2020-12-04 17:35:21
[SECURITY] [DSA 4792-1] openldap security update
2020-11-17 14:50:10
f5
f5
K56241216 : OpenLDAP vulnerabilities CVE-2020-25709 and CVE-2020-25710
2022-03-31 00:00:00
centos
centos
openldap security update
2022-02-25 15:36:55
mageia
mageia
Updated openldap packages fix security vulnerabilities
2021-01-19 18:40:16
ibm
ibm
Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in openldap. (CVE-2020-25709, CVE-2020-25710)
2022-07-07 11:20:06
alpinelinux
alpinelinux
CVE-2020-25709
2021-05-18 12:15:00
CVE-2020-25710
2021-05-28 11:15:00
prion
prion
Design/Logic Flaw
2021-05-18 12:15:00
Design/Logic Flaw
2021-05-28 11:15:00
redhatcve
redhatcve
CVE-2020-25710
2020-11-19 19:23:07
CVE-2020-25709
2020-11-19 19:23:00
veracode
veracode
Denial Of Service (DoS)
2020-12-10 16:31:53
Denial Of Service (DoS)
2020-12-10 16:32:01
ubuntucve
ubuntucve
CVE-2020-25710
2020-11-13 00:00:00
CVE-2020-25709
2020-11-13 00:00:00
cve
cve
CVE-2020-25710
2021-05-28 11:15:00
CVE-2020-25709
2021-05-18 12:15:00
debiancve
debiancve
CVE-2020-25709
2021-05-18 12:15:00
CVE-2020-25710
2021-05-28 11:15:00
ics
ics
Hitachi Energy System Data Manager
2022-04-26 12:00:00
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
Related for DEBIAN_DSA-4792.NASL