Multiple flaws were discovered in the way the slapd daemon handled modify relative distinguished name (modrdn) requests. An authenticated user with privileges to perform modrdn operations could use these flaws to crash the slapd daemon via specially crafted modrdn requests.
(CVE-2010-0211, CVE-2010-0212)
After installing this update, the OpenLDAP daemons will be restarted automatically.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(60819);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2010-0211", "CVE-2010-0212");
script_name(english:"Scientific Linux Security Update : openldap on SL5.x i386/x86_64");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Scientific Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"Multiple flaws were discovered in the way the slapd daemon handled
modify relative distinguished name (modrdn) requests. An authenticated
user with privileges to perform modrdn operations could use these
flaws to crash the slapd daemon via specially crafted modrdn requests.
(CVE-2010-0211, CVE-2010-0212)
After installing this update, the OpenLDAP daemons will be restarted
automatically."
);
# https://listserv.fnal.gov/scripts/wa.exe?A2=ind1007&L=scientific-linux-errata&T=0&P=1863
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?db8fc7b0"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
script_set_attribute(attribute:"patch_publication_date", value:"2010/07/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Scientific Linux Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
flag = 0;
if (rpm_check(release:"SL5", reference:"compat-openldap-2.3.43_2.2.29-12.el5_5.1")) flag++;
if (rpm_check(release:"SL5", reference:"openldap-2.3.43-12.el5_5.1")) flag++;
if (rpm_check(release:"SL5", reference:"openldap-clients-2.3.43-12.el5_5.1")) flag++;
if (rpm_check(release:"SL5", reference:"openldap-devel-2.3.43-12.el5_5.1")) flag++;
if (rpm_check(release:"SL5", reference:"openldap-servers-2.3.43-12.el5_5.1")) flag++;
if (rpm_check(release:"SL5", reference:"openldap-servers-overlays-2.3.43-12.el5_5.1")) flag++;
if (rpm_check(release:"SL5", reference:"openldap-servers-sql-2.3.43-12.el5_5.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Vendor | Product | Version | CPE |
---|---|---|---|
fermilab | scientific_linux | x-cpe:/o:fermilab:scientific_linux |