Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2007-0430.NASL
HistoryJun 12, 2007 - 12:00 a.m.

RHEL 3 : openldap (RHSA-2007:0430)

2007-06-1200:00:00
This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
JSON

A updated openldap packages that fix a security flaw and a memory leak bug are now available for Red Hat Enterprise Linux 3.

This update has been rated as having low security impact by the Red Hat Security Response Team.

OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications, libraries and development tools.

A flaw was found in the way OpenLDAP handled selfwrite access. Users with selfwrite access were able to modify the distinguished name of any user. Users with selfwrite access should only be able to modify their own distinguished name. (CVE-2006-4600)

A memory leak bug was found in OpenLDAP’s ldap_start_tls_s() function.
An application using this function could result in an Out Of Memory (OOM) condition, crashing the application.

All users are advised to upgrade to this updated openldap package, which contains a backported fix and is not vulnerable to these issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2007:0430. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(25477);
  script_version("1.23");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2006-4600");
  script_xref(name:"RHSA", value:"2007:0430");

  script_name(english:"RHEL 3 : openldap (RHSA-2007:0430)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A updated openldap packages that fix a security flaw and a memory leak
bug are now available for Red Hat Enterprise Linux 3.

This update has been rated as having low security impact by the Red
Hat Security Response Team.

OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
Protocol) applications, libraries and development tools.

A flaw was found in the way OpenLDAP handled selfwrite access. Users
with selfwrite access were able to modify the distinguished name of
any user. Users with selfwrite access should only be able to modify
their own distinguished name. (CVE-2006-4600)

A memory leak bug was found in OpenLDAP's ldap_start_tls_s() function.
An application using this function could result in an Out Of Memory
(OOM) condition, crashing the application.

All users are advised to upgrade to this updated openldap package,
which contains a backported fix and is not vulnerable to these issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2006-4600"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2007:0430"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:A/AC:M/Au:S/C:N/I:P/A:N");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openldap-clients");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openldap-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openldap-servers");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");

  script_set_attribute(attribute:"vuln_publication_date", value:"2006/09/06");
  script_set_attribute(attribute:"patch_publication_date", value:"2007/06/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2007/06/12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 3.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2007:0430";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_NOTE,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL3", reference:"openldap-2.0.27-23")) flag++;
  if (rpm_check(release:"RHEL3", reference:"openldap-clients-2.0.27-23")) flag++;
  if (rpm_check(release:"RHEL3", reference:"openldap-devel-2.0.27-23")) flag++;
  if (rpm_check(release:"RHEL3", reference:"openldap-servers-2.0.27-23")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_NOTE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openldap / openldap-clients / openldap-devel / openldap-servers");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxopenldapp-cpe:/a:redhat:enterprise_linux:openldap
redhatenterprise_linuxopenldap-clientsp-cpe:/a:redhat:enterprise_linux:openldap-clients
redhatenterprise_linuxopenldap-develp-cpe:/a:redhat:enterprise_linux:openldap-devel
redhatenterprise_linuxopenldap-serversp-cpe:/a:redhat:enterprise_linux:openldap-servers
redhatenterprise_linux3cpe:/o:redhat:enterprise_linux:3

Related

nessus 11
cve 1
openvas 4
redhat 2
oraclelinux 1
centos 2
freebsd 1
ubuntucve 1
gentoo 1
securityvulns 1
vmware 1
nessus
nessus
FreeBSD : openldap -- slapd acl selfwrite Security Issue (ae7124ff-547c-11db-8f1a-000a48049292)
2006-10-10 00:00:00
Scientific Linux Security Update : openldap on SL3.x i386/x86_64
2012-08-01 00:00:00
RHEL 4 : openldap (RHSA-2007:0310)
2007-05-02 00:00:00
cve
cve
CVE-2006-4600
2006-09-07 00:04:00
openvas
openvas
FreeBSD Ports: openldap-server, openldap-sasl-server
2008-09-04 00:00:00
FreeBSD Ports: openldap-server, openldap-sasl-server
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200711-23 (vmware-workstation vmware-player)
2008-09-24 00:00:00
redhat
redhat
(RHSA-2007:0310) Low: openldap security update
2007-05-01 00:00:00
(RHSA-2007:0430) Low: openldap security and bug-fix update
2007-06-11 13:45:45
oraclelinux
oraclelinux
Low: openldap security update
2007-05-17 00:00:00
centos
centos
compat, gdm, openldap security update
2007-05-02 08:52:57
openldap security update
2007-06-11 21:07:22
freebsd
freebsd
openldap -- slapd acl selfwrite Security Issue
2006-06-14 00:00:00
ubuntucve
ubuntucve
CVE-2006-4600
2006-09-07 00:00:00
gentoo
gentoo
VMware Workstation and Player: Multiple vulnerabilities
2007-11-18 00:00:00
securityvulns
securityvulns
VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player
2007-09-21 00:00:00
vmware
vmware
Updated versions of all supported hosted products and all ESX 2x products and patches for ESX 30x address critical security updates. Service Console security updates for samba, bind, krb5, vixie-cron, shadow-utils, openldap, pam, gcc, and gdb packages.
2007-09-18 00:00:00
JSON
Related for REDHAT-RHSA-2007-0430.NASL
nessus11cve1openvas4redhat2oraclelinux1centos2freebsd1ubuntucve1gentoo1securityvulns1vmware1