Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2012 Greenbone AGOPENVAS:1361412562310870620
HistoryJun 06, 2012 - 12:00 a.m.

RedHat Update for openldap RHSA-2011:0347-01

2012-06-0600:00:00
Copyright (C) 2012 Greenbone AG
plugins.openvas.org
13

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

9.6 High

AI Score

Confidence

High

0.048 Low

EPSS

Percentile

92.8%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_xref(name:"URL", value:"https://www.redhat.com/archives/rhsa-announce/2011-March/msg00025.html");
  script_oid("1.3.6.1.4.1.25623.1.0.870620");
  script_version("2024-03-21T05:06:54+0000");
  script_tag(name:"last_modification", value:"2024-03-21 05:06:54 +0000 (Thu, 21 Mar 2024)");
  script_tag(name:"creation_date", value:"2012-06-06 10:34:45 +0530 (Wed, 06 Jun 2012)");
  script_cve_id("CVE-2011-1024", "CVE-2011-1025", "CVE-2011-1081");
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_xref(name:"RHSA", value:"2011:0347-01");
  script_name("RedHat Update for openldap RHSA-2011:0347-01");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'openldap'
  package(s) announced via the referenced advisory.");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2012 Greenbone AG");
  script_family("Red Hat Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms", re:"ssh/login/release=RHENT_6");
  script_tag(name:"affected", value:"openldap on Red Hat Enterprise Linux Desktop (v. 6),
  Red Hat Enterprise Linux Server (v. 6),
  Red Hat Enterprise Linux Workstation (v. 6)");
  script_tag(name:"solution", value:"Please Install the Updated Packages.");
  script_tag(name:"insight", value:"OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
  Protocol) applications and development tools.

  A flaw was found in the way OpenLDAP handled authentication failures being
  passed from an OpenLDAP slave to the master. If OpenLDAP was configured
  with a chain overlay and it forwarded authentication failures, OpenLDAP
  would bind to the directory as an anonymous user and return success, rather
  than return failure on the authenticated bind. This could allow a user on a
  system that uses LDAP for authentication to log into a directory-based
  account without knowing the password. (CVE-2011-1024)

  It was found that the OpenLDAP back-ndb back end allowed successful
  authentication to the root distinguished name (DN) when any string was
  provided as a password. A remote user could use this flaw to access an
  OpenLDAP directory if they knew the value of the root DN. Note: This issue
  only affected OpenLDAP installations using the NDB back-end, which is only
  available for Red Hat Enterprise Linux 6 via third-party software.
  (CVE-2011-1025)

  A flaw was found in the way OpenLDAP handled modify relative distinguished
  name (modrdn) requests. A remote, unauthenticated user could use this flaw
  to crash an OpenLDAP server via a modrdn request containing an empty old
  RDN value. (CVE-2011-1081)

  Users of OpenLDAP should upgrade to these updated packages, which contain
  backported patches to resolve these issues. After installing this update,
  the OpenLDAP daemons will be restarted automatically.");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release) exit(0);

res = "";

if(release == "RHENT_6")
{

  if ((res = isrpmvuln(pkg:"compat-openldap", rpm:"compat-openldap~2.4.19_2.3.43~15.el6_0.2", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"openldap", rpm:"openldap~2.4.19~15.el6_0.2", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"openldap-clients", rpm:"openldap-clients~2.4.19~15.el6_0.2", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"openldap-debuginfo", rpm:"openldap-debuginfo~2.4.19~15.el6_0.2", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"openldap-devel", rpm:"openldap-devel~2.4.19~15.el6_0.2", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"openldap-servers", rpm:"openldap-servers~2.4.19~15.el6_0.2", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}

Related

oraclelinux 2
openvas 20
nessus 19
fedora 2
redhat 3
ubuntu 1
securityvulns 2
veracode 1
cvelist 3
cve 3
centos 1
debiancve 3
prion 3
gentoo 1
ubuntucve 3
nvd 3
oraclelinux
oraclelinux
openldap security update
2011-03-10 00:00:00
openldap security and bug fix update
2011-03-10 00:00:00
openvas
openvas
RedHat Update for openldap RHSA-2011:0347-01
2012-06-06 00:00:00
Fedora Update for openldap FEDORA-2011-3627
2011-09-27 00:00:00
Fedora Update for openldap FEDORA-2011-3627
2011-09-27 00:00:00
nessus
nessus
RHEL 6 : openldap (RHSA-2011:0347)
2011-03-11 00:00:00
Fedora 15 : openldap-2.4.24-2.fc15 (2011-3612)
2011-04-22 00:00:00
Oracle Linux 6 : openldap (ELSA-2011-0347)
2013-07-12 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: openldap-2.4.24-2.fc15
2011-04-21 05:33:29
[SECURITY] Fedora 14 Update: openldap-2.4.23-10.fc14
2011-09-25 03:47:40
redhat
redhat
(RHSA-2011:0347) Moderate: openldap security update
2011-03-10 00:00:00
(RHSA-2011:0346) Moderate: openldap security and bug fix update
2011-03-10 00:00:00
(RHSA-2011:0439) Moderate: rhev-hypervisor security and bug fix update
2011-04-13 00:00:00
ubuntu
ubuntu
OpenLDAP vulnerabilities
2011-03-31 00:00:00
securityvulns
securityvulns
OpenLDAP vulnerabilities
2011-03-31 00:00:00
[ MDVSA-2011:055 ] openldap
2011-03-31 00:00:00
veracode
veracode
Authentication Bypass
2020-04-10 00:59:40
cvelist
cvelist
CVE-2011-1025
2011-03-20 01:00:00
CVE-2011-1024
2011-03-20 01:00:00
CVE-2011-1081
2011-03-20 01:00:00
cve
cve
CVE-2011-1024
2011-03-20 02:00:03
CVE-2011-1025
2011-03-20 02:00:03
CVE-2011-1081
2011-03-20 02:00:04
centos
centos
compat, openldap security update
2011-04-14 23:48:17
debiancve
debiancve
CVE-2011-1024
2011-03-20 02:00:03
CVE-2011-1025
2011-03-20 02:00:03
CVE-2011-1081
2011-03-20 02:00:04
prion
prion
Authentication flaw
2011-03-20 02:00:00
Authentication flaw
2011-03-20 02:00:00
Design/Logic Flaw
2011-03-20 02:00:00
gentoo
gentoo
OpenLDAP: Multiple vulnerabilities
2014-06-30 00:00:00
ubuntucve
ubuntucve
CVE-2011-1024
2011-03-19 00:00:00
CVE-2011-1025
2011-03-19 00:00:00
CVE-2011-1081
2011-03-19 00:00:00
nvd
nvd
CVE-2011-1024
2011-03-20 02:00:03
CVE-2011-1025
2011-03-20 02:00:03
CVE-2011-1081
2011-03-20 02:00:04

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

9.6 High

AI Score

Confidence

High

0.048 Low

EPSS

Percentile

92.8%

JSON
Related for OPENVAS:1361412562310870620
oraclelinux2openvas20nessus19fedora2redhat3ubuntu1securityvulns2veracode1cvelist3cve3centos1debiancve3prion3gentoo1ubuntucve3nvd3