CentOS Update for compat-openldap CESA-2008:0110 centos4 i386
2009-02-27T00:00:00
ID OPENVAS:1361412562310880171 Type openvas Reporter Copyright (C) 2009 Greenbone Networks GmbH Modified 2018-04-06T00:00:00
Description
Check for the Version of compat-openldap
###############################################################################
# OpenVAS Vulnerability Test
#
# CentOS Update for compat-openldap CESA-2008:0110 centos4 i386
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
# Advisory text reported as the "insight" tag of this check. The line breaks
# inside the literal are part of the text that ends up in the scan result.
# Both CVEs named here are availability-only issues: an authenticated user who
# is allowed to run modify/modrdn against BDB-backed entries can crash slapd.
# That matches the Au:S / A:P CVSS vector registered in the description block.
tag_insight = "OpenLDAP is an open source suite of Lightweight Directory Access Protocol
(LDAP) applications and development tools. LDAP is a set of protocols for
accessing directory services.
These updated openldap packages fix a flaw in the way the OpenLDAP slapd
daemon handled modify and modrdn requests with NOOP control on objects
stored in a Berkeley DB (BDB) storage backend. An authenticated attacker
with permission to perform modify or modrdn operations on such LDAP objects
could cause slapd to crash. (CVE-2007-6698, CVE-2008-0658)
Users of openldap should upgrade to these updated packages, which contain a
backported patch to correct this issue.";
# Value of the "affected" tag. Only compat-openldap is named here, although the
# package comparison further down also covers openldap, openldap-clients,
# openldap-devel, openldap-servers and openldap-servers-sql.
tag_affected = "compat-openldap on CentOS 4";
# Value of the "solution" tag.
tag_solution = "Please Install the Updated Packages.";
# Registration pass: when the scanner evaluates the plugin with `description`
# set, only the metadata below is recorded and the script stops at exit(0).
if (description) {
  # Advisory reference, plugin identity and revision bookkeeping.
  script_xref(name:"URL", value:"http://lists.centos.org/pipermail/centos-announce/2008-February/014689.html");
  script_oid("1.3.6.1.4.1.25623.1.0.880171");
  script_version("$Revision: 9370 $");
  script_tag(name:"last_modification", value:"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $");
  script_tag(name:"creation_date", value:"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)");

  # Severity: CVSS v2 4.0, network reachable, single authentication required,
  # partial availability impact only (a slapd crash, per the insight text).
  script_tag(name:"cvss_base", value:"4.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:N/I:N/A:P");

  # Cross-references used to correlate this result with the vendor advisory
  # and the CVE entries.
  script_xref(name:"CESA", value:"2008:0110");
  script_cve_id("CVE-2007-6698", "CVE-2008-0658");
  script_name("CentOS Update for compat-openldap CESA-2008:0110 centos4 i386");

  script_tag(name:"summary", value:"Check for the Version of compat-openldap");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
  script_family("CentOS Local Security Checks");

  # This is an authenticated, local check: it depends on the package list
  # gathered over SSH and declares the two knowledge-base keys below as
  # mandatory. NOTE(review): presumably those keys are written by
  # gather-package-list.nasl after a successful login - confirm. A host
  # scanned without working credentials yields no result from this plugin,
  # which must not be read as "patched".
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/centos", "ssh/login/rpms");

  # Human-readable result fields, taken from the tag_* variables set above.
  script_tag(name:"affected", value:tag_affected);
  script_tag(name:"solution", value:tag_solution);
  script_tag(name:"insight", value:tag_insight);

  # The finding is based on the installed package version and is resolved by
  # the vendor's update.
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}
include("pkg-lib-rpm.inc");
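# Detection pass: compare the installed RPMs with the fixed builds named in
# CESA-2008:0110 and report every package that is still older than its fix.
#
# Reading the result:
#  - The comparison is against the distribution build (the advisory text says
#    the fix is a backported patch), so the upstream OpenLDAP version number
#    alone does not tell whether a host is fixed.
#  - A finding means an update is missing. It does not show that slapd is
#    running or that a BDB backend is configured, which is what the flaw
#    described in the insight text needs.
#  - NOTE(review): the plugin name says "i386", but no architecture is passed
#    to isrpmvuln() here - confirm whether the library filters on it.
release = get_kb_item("ssh/login/release");

# No release string in the knowledge base (NULL or empty): nothing to compare.
if (!release) {
  exit(0);
}

if (release == "CentOS4") {
  # Collect the findings for all packages instead of stopping at the first
  # hit, so one result lists everything that still has to be updated.
  report = "";

  if (!isnull(res = isrpmvuln(pkg:"compat-openldap", rpm:"compat-openldap~2.1.30~8.el4_6.4", rls:"CentOS4"))) {
    report += res;
  }

  if (!isnull(res = isrpmvuln(pkg:"openldap", rpm:"openldap~2.2.13~8.el4_6.4", rls:"CentOS4"))) {
    report += res;
  }

  if (!isnull(res = isrpmvuln(pkg:"openldap-clients", rpm:"openldap-clients~2.2.13~8.el4_6.4", rls:"CentOS4"))) {
    report += res;
  }

  if (!isnull(res = isrpmvuln(pkg:"openldap-devel", rpm:"openldap-devel~2.2.13~8.el4_6.4", rls:"CentOS4"))) {
    report += res;
  }

  if (!isnull(res = isrpmvuln(pkg:"openldap-servers", rpm:"openldap-servers~2.2.13~8.el4_6.4", rls:"CentOS4"))) {
    report += res;
  }

  if (!isnull(res = isrpmvuln(pkg:"openldap-servers-sql", rpm:"openldap-servers-sql~2.2.13~8.el4_6.4", rls:"CentOS4"))) {
    report += res;
  }

  if (report != "") {
    security_message(data:report);
    exit(0);
  }

  # NOTE(review): __pkg_match is presumably set by pkg-lib-rpm.inc when at
  # least one of the named packages is installed - confirm. Exit code 99 is
  # then the explicit "installed and already fixed" outcome, as opposed to
  # the plain exit(0) used when none of the packages is present.
  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}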
{"id": "OPENVAS:1361412562310880171", "type": "openvas", "bulletinFamily": "scanner", "title": "CentOS Update for compat-openldap CESA-2008:0110 centos4 i386", "description": "Check for the Version of compat-openldap", "published": "2009-02-27T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880171", "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "references": ["2008:0110", "http://lists.centos.org/pipermail/centos-announce/2008-February/014689.html"], "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "lastseen": "2018-04-09T11:38:28", "viewCount": 2, "enchantments": {"score": {"value": 5.4, "vector": "NONE", "modified": "2018-04-09T11:38:28", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-0110", "CVE-2008-0658", "CVE-2007-6698"]}, {"type": "centos", "idList": ["CESA-2008:0110"]}, {"type": "fedora", "idList": ["FEDORA:M17KSBRB020908", "FEDORA:M1D5FLQM006616", "FEDORA:M633FJJG018319", "FEDORA:M1D5AISU006029"]}, {"type": "redhat", "idList": ["RHSA-2008:0110"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:19168", "SECURITYVULNS:VULN:8700"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2008-0110.NASL", "SUSE9_12075.NASL", "SL_20080221_OPENLDAP_ON_SL4_X.NASL", "ORACLELINUX_ELSA-2008-0110.NASL", "CENTOS_RHSA-2008-0110.NASL", "MANDRIVA_MDVSA-2008-058.NASL", "SUSE_OPENLDAP2-4989.NASL", "FEDORA_2008-1616.NASL", "SUSE_OPENLDAP2-4999.NASL", "UBUNTU_USN-584-1.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0110"]}, {"type": "ubuntu", "idList": ["USN-584-1"]}, {"type": "openvas", "idList": ["OPENVAS:880087", "OPENVAS:880167", "OPENVAS:60457", "OPENVAS:860783", "OPENVAS:840291", "OPENVAS:1361412562310880087", "OPENVAS:65422", "OPENVAS:880171", "OPENVAS:136141256231065422", "OPENVAS:1361412562310870149"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1541-1:66533"]}, 
{"type": "exploitpack", "idList": ["EXPLOITPACK:AD1FDA03798D6F8F89D9AFDB34F6C3BF"]}, {"type": "freebsd", "idList": ["E5D29309-E0DB-11DC-97B2-001C2514716C"]}, {"type": "exploitdb", "idList": ["EDB-ID:31190"]}, {"type": "gentoo", "idList": ["GLSA-200803-28"]}], "modified": "2018-04-09T11:38:28", "rev": 2}, "vulnersScore": 5.4}, "pluginID": "1361412562310880171", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for compat-openldap CESA-2008:0110 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenLDAP is an open source suite of Lightweight Directory Access Protocol\n (LDAP) applications and development tools. LDAP is a set of protocols for\n accessing directory services.\n\n These updated openldap packages fix a flaw in the way the OpenLDAP slapd\n daemon handled modify and modrdn requests with NOOP control on objects\n stored in a Berkeley DB (BDB) storage backend. 
An authenticated attacker\n with permission to perform modify or modrdn operations on such LDAP objects\n could cause slapd to crash. (CVE-2007-6698, CVE-2008-0658)\n \n Users of openldap should upgrade to these updated packages, which contain a\n backported patch to correct this issue.\";\n\ntag_affected = \"compat-openldap on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014689.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880171\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2008:0110\");\n script_cve_id(\"CVE-2007-6698\", \"CVE-2008-0658\");\n script_name( \"CentOS Update for compat-openldap CESA-2008:0110 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of compat-openldap\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = 
isrpmvuln(pkg:\"compat-openldap\", rpm:\"compat-openldap~2.1.30~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-clients\", rpm:\"openldap-clients~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-devel\", rpm:\"openldap-devel~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers\", rpm:\"openldap-servers~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers-sql\", rpm:\"openldap-servers-sql~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "CentOS Local Security Checks", "immutableFields": []}
{"cve": [{"lastseen": "2021-02-02T05:31:28", "description": "The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote authenticated users to cause a denial of service (crash) via a potentially-successful modify operation with the NOOP control set to critical, possibly due to a double free vulnerability.", "edition": 6, "cvss3": {}, "published": "2008-02-01T22:00:00", "title": "CVE-2007-6698", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6698"], "modified": "2018-10-15T21:56:00", "cpe": ["cpe:/a:openldap:openldap:2.3.35"], "id": "CVE-2007-6698", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6698", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:openldap:openldap:2.3.35:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:35:11", "description": "slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698.", "edition": 4, "cvss3": {}, "published": "2008-02-13T21:00:00", "title": "CVE-2008-0658", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", 
"integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0658"], "modified": "2018-10-15T22:02:00", "cpe": ["cpe:/a:openldap:openldap:2.3.39"], "id": "CVE-2008-0658", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0658", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:openldap:openldap:2.3.39:*:*:*:*:*:*:*"]}], "centos": [{"lastseen": "2019-12-20T18:24:21", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "description": "**CentOS Errata and Security Advisory** CESA-2008:0110\n\n\nOpenLDAP is an open source suite of Lightweight Directory Access Protocol\r\n(LDAP) applications and development tools. LDAP is a set of protocols for\r\naccessing directory services.\r\n\r\nThese updated openldap packages fix a flaw in the way the OpenLDAP slapd\r\ndaemon handled modify and modrdn requests with NOOP control on objects\r\nstored in a Berkeley DB (BDB) storage backend. An authenticated attacker\r\nwith permission to perform modify or modrdn operations on such LDAP objects\r\ncould cause slapd to crash. 
(CVE-2007-6698, CVE-2008-0658)\r\n\r\nUsers of openldap should upgrade to these updated packages, which contain a\r\nbackported patch to correct this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-February/026727.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-February/026728.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-February/026730.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-February/026733.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-February/026740.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-February/026741.html\n\n**Affected packages:**\ncompat-openldap\nopenldap\nopenldap-clients\nopenldap-devel\nopenldap-servers\nopenldap-servers-sql\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2008-0110.html", "edition": 4, "modified": "2008-02-23T11:58:24", "published": "2008-02-22T13:54:12", "href": "http://lists.centos.org/pipermail/centos-announce/2008-February/026727.html", "id": "CESA-2008:0110", "title": "compat, openldap security update", "type": "centos", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2007-6698", "CVE-2008-0658"], "description": "OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. 
", "modified": "2008-02-13T05:15:42", "published": "2008-02-13T05:15:42", "id": "FEDORA:M1D5FLQM006616", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: openldap-2.3.34-7.fc7", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2007-6698"], "description": "OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. ", "modified": "2008-02-07T20:54:16", "published": "2008-02-07T20:54:16", "id": "FEDORA:M17KSBRB020908", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: openldap-2.3.34-6.fc7", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0658"], "description": "OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. 
", "modified": "2008-02-13T05:11:01", "published": "2008-02-13T05:11:01", "id": "FEDORA:M1D5AISU006029", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: openldap-2.3.39-3.fc8", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0658", "CVE-2008-2952"], "description": "OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. ", "modified": "2008-07-03T03:15:35", "published": "2008-07-03T03:15:35", "id": "FEDORA:M633FJJG018319", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: openldap-2.3.39-4.fc8", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:46:00", "bulletinFamily": "unix", "cvelist": ["CVE-2007-6698", "CVE-2008-0658"], "description": "OpenLDAP is an open source suite of Lightweight Directory Access Protocol\r\n(LDAP) applications and development tools. LDAP is a set of protocols for\r\naccessing directory services.\r\n\r\nThese updated openldap packages fix a flaw in the way the OpenLDAP slapd\r\ndaemon handled modify and modrdn requests with NOOP control on objects\r\nstored in a Berkeley DB (BDB) storage backend. An authenticated attacker\r\nwith permission to perform modify or modrdn operations on such LDAP objects\r\ncould cause slapd to crash. 
(CVE-2007-6698, CVE-2008-0658)\r\n\r\nUsers of openldap should upgrade to these updated packages, which contain a\r\nbackported patch to correct this issue.", "modified": "2017-09-08T12:09:30", "published": "2008-02-21T05:00:00", "id": "RHSA-2008:0110", "href": "https://access.redhat.com/errata/RHSA-2008:0110", "type": "redhat", "title": "(RHSA-2008:0110) Moderate: openldap security update", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:25", "bulletinFamily": "software", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "description": "rPath Security Advisory: 2008-0059-1\r\nPublished: 2008-02-12\r\nProducts:\r\n rPath Linux 1\r\n rPath Appliance Platform Linux Service 1\r\n\r\nRating: Major\r\nExposure Level Classification:\r\n Local Deterministic Denial of Service\r\nUpdated Versions:\r\n openldap=conary.rpath.com@rpl:1/2.2.26-8.8-1\r\n openldap-clients=conary.rpath.com@rpl:1/2.2.26-8.8-1\r\n openldap-servers=conary.rpath.com@rpl:1/2.2.26-8.8-1\r\n\r\nrPath Issue Tracking System:\r\n https://issues.rpath.com/browse/RPL-2234\r\n\r\nReferences:\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6698\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0658\r\n\r\nDescription:\r\n Previous versions of the openldap package are vulnerable to a Denial of\r\n Service attack in which authenticated users can crash the slapd server.\r\n\r\nhttp://wiki.rpath.com/Advisories:rPSA-2008-0059\r\n\r\nCopyright 2008 rPath, Inc.\r\nThis file is distributed under the terms of the MIT License.\r\nA copy is available at http://www.rpath.com/permanent/mit-license.html", "edition": 1, "modified": "2008-02-16T00:00:00", "published": "2008-02-16T00:00:00", "id": "SECURITYVULNS:DOC:19168", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:19168", "title": "rPSA-2008-0059-1 openldap openldap-clients openldap-servers", "type": "securityvulns", "cvss": {"score": 4.0, "vector": 
"AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:28", "bulletinFamily": "software", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "description": "No description provided", "edition": 1, "modified": "2008-02-16T00:00:00", "published": "2008-02-16T00:00:00", "id": "SECURITYVULNS:VULN:8700", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8700", "title": "OpenDAL DoS", "type": "securityvulns", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-17T12:44:07", "description": "From Red Hat Security Advisory 2008:0110 :\n\nUpdated openldap packages that fix security issues are now available\nfor Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nOpenLDAP is an open source suite of Lightweight Directory Access\nProtocol (LDAP) applications and development tools. LDAP is a set of\nprotocols for accessing directory services.\n\nThese updated openldap packages fix a flaw in the way the OpenLDAP\nslapd daemon handled modify and modrdn requests with NOOP control on\nobjects stored in a Berkeley DB (BDB) storage backend. 
An\nauthenticated attacker with permission to perform modify or modrdn\noperations on such LDAP objects could cause slapd to crash.\n(CVE-2007-6698, CVE-2008-0658)\n\nUsers of openldap should upgrade to these updated packages, which\ncontain a backported patch to correct this issue.", "edition": 24, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 4 / 5 : openldap (ELSA-2008-0110)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:openldap", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:openldap-servers", "p-cpe:/a:oracle:linux:openldap-clients", "p-cpe:/a:oracle:linux:openldap-devel", "p-cpe:/a:oracle:linux:openldap-servers-sql", "cpe:/o:oracle:linux:4", "p-cpe:/a:oracle:linux:compat-openldap"], "id": "ORACLELINUX_ELSA-2008-0110.NASL", "href": "https://www.tenable.com/plugins/nessus/67650", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0110 and \n# Oracle Linux Security Advisory ELSA-2008-0110 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67650);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6698\", \"CVE-2008-0658\");\n script_bugtraq_id(26245, 27778);\n script_xref(name:\"RHSA\", value:\"2008:0110\");\n\n script_name(english:\"Oracle Linux 4 / 5 : openldap (ELSA-2008-0110)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0110 :\n\nUpdated openldap packages that 
fix security issues are now available\nfor Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nOpenLDAP is an open source suite of Lightweight Directory Access\nProtocol (LDAP) applications and development tools. LDAP is a set of\nprotocols for accessing directory services.\n\nThese updated openldap packages fix a flaw in the way the OpenLDAP\nslapd daemon handled modify and modrdn requests with NOOP control on\nobjects stored in a Berkeley DB (BDB) storage backend. An\nauthenticated attacker with permission to perform modify or modrdn\noperations on such LDAP objects could cause slapd to crash.\n(CVE-2007-6698, CVE-2008-0658)\n\nUsers of openldap should upgrade to these updated packages, which\ncontain a backported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-February/000517.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-February/000520.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openldap packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:compat-openldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openldap-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openldap-devel\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openldap-servers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openldap-servers-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"compat-openldap-2.1.30-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"compat-openldap-2.1.30-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"openldap-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"openldap-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"openldap-clients-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"openldap-clients-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"openldap-devel-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"openldap-devel-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"openldap-servers-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"openldap-servers-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"openldap-servers-sql-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"openldap-servers-sql-2.2.13-8.el4_6.4\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"compat-openldap-2.3.27_2.2.29-8.el5_1.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"openldap-2.3.27-8.el5_1.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"openldap-clients-2.3.27-8.el5_1.3\")) flag++;\nif (rpm_check(release:\"EL5\", 
reference:\"openldap-devel-2.3.27-8.el5_1.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"openldap-servers-2.3.27-8.el5_1.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"openldap-servers-sql-2.3.27-8.el5_1.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"compat-openldap / openldap / openldap-clients / openldap-devel / etc\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:06:02", "description": "Updated openldap packages that fix security issues are now available\nfor Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nOpenLDAP is an open source suite of Lightweight Directory Access\nProtocol (LDAP) applications and development tools. LDAP is a set of\nprotocols for accessing directory services.\n\nThese updated openldap packages fix a flaw in the way the OpenLDAP\nslapd daemon handled modify and modrdn requests with NOOP control on\nobjects stored in a Berkeley DB (BDB) storage backend. 
An\nauthenticated attacker with permission to perform modify or modrdn\noperations on such LDAP objects could cause slapd to crash.\n(CVE-2007-6698, CVE-2008-0658)\n\nUsers of openldap should upgrade to these updated packages, which\ncontain a backported patch to correct this issue.", "edition": 27, "published": "2008-02-25T00:00:00", "title": "RHEL 4 / 5 : openldap (RHSA-2008:0110)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "modified": "2008-02-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:openldap-servers-sql", "p-cpe:/a:redhat:enterprise_linux:openldap-servers", "p-cpe:/a:redhat:enterprise_linux:openldap", "p-cpe:/a:redhat:enterprise_linux:openldap-devel", "p-cpe:/a:redhat:enterprise_linux:openldap-clients", "cpe:/o:redhat:enterprise_linux:5.1", "p-cpe:/a:redhat:enterprise_linux:compat-openldap", "cpe:/o:redhat:enterprise_linux:4.6"], "id": "REDHAT-RHSA-2008-0110.NASL", "href": "https://www.tenable.com/plugins/nessus/31159", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0110. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31159);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6698\", \"CVE-2008-0658\");\n script_bugtraq_id(26245, 27778);\n script_xref(name:\"RHSA\", value:\"2008:0110\");\n\n script_name(english:\"RHEL 4 / 5 : openldap (RHSA-2008:0110)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openldap packages that fix security issues are now available\nfor Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nOpenLDAP is an open source suite of Lightweight Directory Access\nProtocol (LDAP) applications and development tools. LDAP is a set of\nprotocols for accessing directory services.\n\nThese updated openldap packages fix a flaw in the way the OpenLDAP\nslapd daemon handled modify and modrdn requests with NOOP control on\nobjects stored in a Berkeley DB (BDB) storage backend. 
An\nauthenticated attacker with permission to perform modify or modrdn\noperations on such LDAP objects could cause slapd to crash.\n(CVE-2007-6698, CVE-2008-0658)\n\nUsers of openldap should upgrade to these updated packages, which\ncontain a backported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6698\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0658\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0110\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:compat-openldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openldap-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openldap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openldap-servers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openldap-servers-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.6\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0110\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"compat-openldap-2.1.30-8.el4_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"openldap-2.2.13-8.el4_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"openldap-clients-2.2.13-8.el4_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"openldap-devel-2.2.13-8.el4_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"openldap-servers-2.2.13-8.el4_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"openldap-servers-sql-2.2.13-8.el4_6.4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", reference:\"compat-openldap-2.3.27_2.2.29-8.el5_1.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"openldap-2.3.27-8.el5_1.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"openldap-clients-2.3.27-8.el5_1.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"openldap-clients-2.3.27-8.el5_1.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"openldap-clients-2.3.27-8.el5_1.3\")) flag++;\n\n if 
(rpm_check(release:\"RHEL5\", reference:\"openldap-devel-2.3.27-8.el5_1.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"openldap-servers-2.3.27-8.el5_1.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"openldap-servers-2.3.27-8.el5_1.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"openldap-servers-2.3.27-8.el5_1.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"openldap-servers-sql-2.3.27-8.el5_1.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"openldap-servers-sql-2.3.27-8.el5_1.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"openldap-servers-sql-2.3.27-8.el5_1.3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"compat-openldap / openldap / openldap-clients / openldap-devel / etc\");\n }\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:43:51", "description": "These updated openldap packages fix a flaw in the way the OpenLDAP\nslapd daemon handled modify and modrdn requests with NOOP control on\nobjects stored in a Berkeley DB (BDB) storage backend. 
An\nauthenticated attacker with permission to perform modify or modrdn\noperations on such LDAP objects could cause slapd to crash.\n(CVE-2007-6698, CVE-2008-0658)", "edition": 24, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : openldap on SL4.x, SL5.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20080221_OPENLDAP_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60361", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60361);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6698\", \"CVE-2008-0658\");\n\n script_name(english:\"Scientific Linux Security Update : openldap on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"These updated openldap packages fix a flaw in the way the OpenLDAP\nslapd daemon handled modify and modrdn requests with NOOP control on\nobjects stored in a Berkeley DB (BDB) storage backend. 
An\nauthenticated attacker with permission to perform modify or modrdn\noperations on such LDAP objects could cause slapd to crash.\n(CVE-2007-6698, CVE-2008-0658)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0802&L=scientific-linux-errata&T=0&P=932\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9c0baec3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"compat-openldap-2.1.30-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"openldap-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"openldap-clients-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"openldap-devel-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"openldap-servers-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"openldap-servers-sql-2.2.13-8.el4_6.4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"compat-openldap-2.3.27_2.2.29-8.el5_1.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"openldap-2.3.27-8.el5_1.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"openldap-clients-2.3.27-8.el5_1.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"openldap-devel-2.3.27-8.el5_1.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"openldap-servers-2.3.27-8.el5_1.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"openldap-servers-sql-2.3.27-8.el5_1.3\")) 
flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:46:48", "description": "Authenticated users could crash the LDAP server 'slapd' via the 'NOOP'\ncommand. (CVE-2007-6698 / CVE-2008-0658)", "edition": 24, "published": "2008-04-28T00:00:00", "title": "SuSE 10 Security Update : OpenLDAP 2 (ZYPP Patch Number 4989)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "modified": "2008-04-28T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_OPENLDAP2-4989.NASL", "href": "https://www.tenable.com/plugins/nessus/32078", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32078);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6698\", \"CVE-2008-0658\");\n\n script_name(english:\"SuSE 10 Security Update : OpenLDAP 2 (ZYPP Patch Number 4989)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Authenticated users could crash the LDAP server 'slapd' via the 'NOOP'\ncommand. 
(CVE-2007-6698 / CVE-2008-0658)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6698.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0658.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 4989.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"openldap2-2.3.32-0.25.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"openldap2-client-2.3.32-0.23.5\")) 
flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"openldap2-devel-2.3.32-0.23.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"openldap2-client-32bit-2.3.32-0.23.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"openldap2-devel-32bit-2.3.32-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"openldap2-2.3.32-0.25.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"openldap2-back-meta-2.3.32-0.25.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"openldap2-back-perl-2.3.32-0.25.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"openldap2-client-2.3.32-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"openldap2-devel-2.3.32-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"openldap2-client-32bit-2.3.32-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"openldap2-devel-32bit-2.3.32-0.23.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-01-20T15:44:10", "description": "Jonathan Clarke discovered that the OpenLDAP slapd server did not\nproperly handle modify requests when using the Berkeley DB backend and\nspecifying the NOOP control. An authenticated user with modify\npermissions could send a crafted modify request and cause a denial of\nservice via application crash. Ubuntu 7.10 is not affected by this\nissue. (CVE-2007-6698)\n\nRalf Haferkamp discovered that the OpenLDAP slapd server did not\nproperly handle modrdn requests when using the Berkeley DB backend and\nspecifying the NOOP control. 
An authenticated user with modrdn\npermissions could send a crafted modrdn request and possibly cause a\ndenial of service via application crash. (CVE-2008-0658).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2008-03-07T00:00:00", "title": "Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : openldap2.2, openldap2.3 vulnerabilities (USN-584-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "modified": "2008-03-07T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:7.10", "p-cpe:/a:canonical:ubuntu_linux:ldap-utils", "p-cpe:/a:canonical:ubuntu_linux:libldap-2.3-0", "cpe:/o:canonical:ubuntu_linux:6.10", "p-cpe:/a:canonical:ubuntu_linux:slapd", "p-cpe:/a:canonical:ubuntu_linux:libldap-2.2-7", "cpe:/o:canonical:ubuntu_linux:7.04", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-584-1.NASL", "href": "https://www.tenable.com/plugins/nessus/31406", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-584-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31406);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2007-6698\", \"CVE-2008-0658\");\n script_xref(name:\"USN\", value:\"584-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : openldap2.2, openldap2.3 vulnerabilities (USN-584-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jonathan Clarke discovered that the OpenLDAP slapd server did not\nproperly handle modify requests when using the Berkeley DB backend and\nspecifying the NOOP control. An authenticated user with modify\npermissions could send a crafted modify request and cause a denial of\nservice via application crash. Ubuntu 7.10 is not affected by this\nissue. (CVE-2007-6698)\n\nRalf Haferkamp discovered that the OpenLDAP slapd server did not\nproperly handle modrdn requests when using the Berkeley DB backend and\nspecifying the NOOP control. An authenticated user with modrdn\npermissions could send a crafted modrdn request and possibly cause a\ndenial of service via application crash. (CVE-2007-6698).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/584-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ldap-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libldap-2.2-7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libldap-2.3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:slapd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/03/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! 
get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|6\\.10|7\\.04|7\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 6.10 / 7.04 / 7.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"ldap-utils\", pkgver:\"2.2.26-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libldap-2.2-7\", pkgver:\"2.2.26-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"slapd\", pkgver:\"2.2.26-5ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"ldap-utils\", pkgver:\"2.2.26-5ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libldap-2.2-7\", pkgver:\"2.2.26-5ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"slapd\", pkgver:\"2.2.26-5ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"ldap-utils\", pkgver:\"2.3.30-2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libldap-2.3-0\", pkgver:\"2.3.30-2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"slapd\", pkgver:\"2.3.30-2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"ldap-utils\", pkgver:\"2.3.35-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libldap-2.3-0\", pkgver:\"2.3.35-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"slapd\", pkgver:\"2.3.35-1ubuntu0.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if 
(tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ldap-utils / libldap-2.2-7 / libldap-2.3-0 / slapd\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:06:25", "description": " - Fri Feb 8 2008 Jan Safranek <jsafranek at redhat.com>\n 2.3.34-7\n\n - fix CVE-2008-0658 (#432012)\n\n - Tue Feb 5 2008 Jan Safranek <jsafranek at redhat.com>\n 2.3.34-6\n\n - fix CVE-2007-6698 (#431409)\n\n - Mon Jan 14 2008 Jan Safranek <jsafranek at redhat.com>\n 2.3.34-5\n\n - fix default slurpd directory to /var/lib/ldap\n (#424831)\n\n - Fri Nov 2 2007 Jan Safranek <jsafranek at redhat.com>\n 2.3.34-4\n\n - fix various security flaws (#360081)\n\n - Fri Jul 13 2007 Jan Safranek <jsafranek at redhat.com>\n 2.3.34-3\n\n - Fix initscript return codes (#242667)\n\n - Provide overlays including smbk5pwd (as modules;\n #246036, #245896, #220895)\n\n - Add available modules to config file\n\n - do not create script in /tmp on startup (bz#188298)\n\n - add compat-slapcat to openldap-compat (bz#179378)\n\n - do not import ddp services with migrate_services.pl\n (bz#201183)\n\n - sort the hosts by address, preventing duplicities in\n migrate*nis*.pl (bz#201540)\n\n - start slupd for each replicated database (bz#210155)\n\n - add ldconfig to devel post/postun (bz#240253)\n\n - include misc.schema in default slapd.conf (bz#147805)\n\n - Mon Apr 23 2007 Jan Safranek <jsafranek at redhat.com>\n 2.3.34-2\n\n - slapadd during package update is now quiet (bz#224581)\n\n - use _localstatedir instead of var/ during build\n (bz#220970)\n\n - bind-libbind-devel removed from BuildRequires\n (bz#216851)\n\n - slaptest is now quiet during service ldap start, if\n there is no error/warning (bz#143697)\n\n - libldap_r.so now links with pthread (bz#198226)\n\n - do not strip binaries to produce correct .debuginfo\n packages (bz#152516)\n\nNote that Tenable Network Security has extracted the preceding\ndescription 
block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2008-02-14T00:00:00", "title": "Fedora 7 : openldap-2.3.34-7.fc7 (2008-1616)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "modified": "2008-02-14T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openldap", "cpe:/o:fedoraproject:fedora:7"], "id": "FEDORA_2008-1616.NASL", "href": "https://www.tenable.com/plugins/nessus/31076", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-1616.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31076);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-0658\");\n script_xref(name:\"FEDORA\", value:\"2008-1616\");\n\n script_name(english:\"Fedora 7 : openldap-2.3.34-7.fc7 (2008-1616)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fri Feb 8 2008 Jan Safranek <jsafranek at redhat.com>\n 2.3.34-7\n\n - fix CVE-2008-0658 (#432012)\n\n - Tue Feb 5 2008 Jan Safranek <jsafranek at redhat.com>\n 2.3.34-6\n\n - fix CVE-2007-6698 (#431409)\n\n - Mon Jan 14 2008 Jan Safranek <jsafranek at redhat.com>\n 2.3.34-5\n\n - fix default slurpd directory to /var/lib/ldap\n (#424831)\n\n - Fri Nov 2 2007 Jan Safranek <jsafranek at redhat.com>\n 2.3.34-4\n\n - fix various security flaws (#360081)\n\n - Fri Jul 13 2007 Jan Safranek <jsafranek at redhat.com>\n 2.3.34-3\n\n - Fix initscript return codes 
(#242667)\n\n - Provide overlays including smbk5pwd (as modules;\n #246036, #245896, #220895)\n\n - Add available modules to config file\n\n - do not create script in /tmp on startup (bz#188298)\n\n - add compat-slapcat to openldap-compat (bz#179378)\n\n - do not import ddp services with migrate_services.pl\n (bz#201183)\n\n - sort the hosts by address, preventing duplicities in\n migrate*nis*.pl (bz#201540)\n\n - start slupd for each replicated database (bz#210155)\n\n - add ldconfig to devel post/postun (bz#240253)\n\n - include misc.schema in default slapd.conf (bz#147805)\n\n - Mon Apr 23 2007 Jan Safranek <jsafranek at redhat.com>\n 2.3.34-2\n\n - slapadd during package update is now quiet (bz#224581)\n\n - use _localstatedir instead of var/ during build\n (bz#220970)\n\n - bind-libbind-devel removed from BuildRequires\n (bz#216851)\n\n - slaptest is now quiet during service ldap start, if\n there is no error/warning (bz#143697)\n\n - libldap_r.so now links with pthread (bz#198226)\n\n - do not strip binaries to produce correct .debuginfo\n packages (bz#152516)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=432008\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007852.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?27bcb63e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openldap package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openldap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"openldap-2.3.34-7.fc7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openldap\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:02:14", "description": "Authenticated users could crash the LDAP server 'slapd' via the 'NOOP'\ncommand. (CVE-2007-6698 / CVE-2008-0658)", "edition": 24, "published": "2009-09-24T00:00:00", "title": "SuSE9 Security Update : OpenLDAP 2 (YOU Patch Number 12075)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "modified": "2009-09-24T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12075.NASL", "href": "https://www.tenable.com/plugins/nessus/41197", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41197);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6698\", \"CVE-2008-0658\");\n\n script_name(english:\"SuSE9 Security Update : OpenLDAP 2 (YOU Patch Number 12075)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n 
attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Authenticated users could crash the LDAP server 'slapd' via the 'NOOP'\ncommand. (CVE-2007-6698 / CVE-2008-0658)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6698.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0658.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12075.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the 
'\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"openldap2-2.2.24-4.25\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"openldap2-back-ldap-2.2.24-4.25\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"openldap2-back-meta-2.2.24-4.25\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"openldap2-back-monitor-2.2.24-4.25\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"openldap2-back-perl-2.2.24-4.25\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"openldap2-client-2.2.24-4.25\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"openldap2-devel-2.2.24-4.25\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"openldap2-client-32bit-9-200802110138\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"openldap2-devel-32bit-9-200802110138\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:25:17", "description": "Updated openldap packages that fix security issues are now available\nfor Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nOpenLDAP is an open source suite of Lightweight Directory Access\nProtocol (LDAP) applications and development tools. LDAP is a set of\nprotocols for accessing directory services.\n\nThese updated openldap packages fix a flaw in the way the OpenLDAP\nslapd daemon handled modify and modrdn requests with NOOP control on\nobjects stored in a Berkeley DB (BDB) storage backend. 
An\nauthenticated attacker with permission to perform modify or modrdn\noperations on such LDAP objects could cause slapd to crash.\n(CVE-2007-6698, CVE-2008-0658)\n\nUsers of openldap should upgrade to these updated packages, which\ncontain a backported patch to correct this issue.", "edition": 26, "published": "2008-02-25T00:00:00", "title": "CentOS 4 / 5 : openldap (CESA-2008:0110)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "modified": "2008-02-25T00:00:00", "cpe": ["p-cpe:/a:centos:centos:compat-openldap", "p-cpe:/a:centos:centos:openldap", "cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:openldap-servers-sql", "p-cpe:/a:centos:centos:openldap-servers", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:openldap-devel", "p-cpe:/a:centos:centos:openldap-clients"], "id": "CENTOS_RHSA-2008-0110.NASL", "href": "https://www.tenable.com/plugins/nessus/31138", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0110 and \n# CentOS Errata and Security Advisory 2008:0110 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31138);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-6698\", \"CVE-2008-0658\");\n script_bugtraq_id(26245, 27778);\n script_xref(name:\"RHSA\", value:\"2008:0110\");\n\n script_name(english:\"CentOS 4 / 5 : openldap (CESA-2008:0110)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openldap packages that fix security issues are now available\nfor Red Hat 
Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nOpenLDAP is an open source suite of Lightweight Directory Access\nProtocol (LDAP) applications and development tools. LDAP is a set of\nprotocols for accessing directory services.\n\nThese updated openldap packages fix a flaw in the way the OpenLDAP\nslapd daemon handled modify and modrdn requests with NOOP control on\nobjects stored in a Berkeley DB (BDB) storage backend. An\nauthenticated attacker with permission to perform modify or modrdn\noperations on such LDAP objects could cause slapd to crash.\n(CVE-2007-6698, CVE-2008-0658)\n\nUsers of openldap should upgrade to these updated packages, which\ncontain a backported patch to correct this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-February/014689.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?aedc486c\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-February/014690.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?df0efe34\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-February/014692.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b727b99f\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-February/014702.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a840305e\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-February/014703.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a8a4e482\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openldap packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n 
script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:compat-openldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openldap-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openldap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openldap-servers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openldap-servers-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"compat-openldap-2.1.30-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"compat-openldap-2.1.30-8.c4.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"compat-openldap-2.1.30-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"openldap-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"openldap-2.2.13-8.c4.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"openldap-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"openldap-clients-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", 
reference:\"openldap-clients-2.2.13-8.c4.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"openldap-clients-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"openldap-devel-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"openldap-devel-2.2.13-8.c4.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"openldap-devel-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"openldap-servers-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"openldap-servers-2.2.13-8.c4.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"openldap-servers-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"openldap-servers-sql-2.2.13-8.el4_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"openldap-servers-sql-2.2.13-8.c4.4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"openldap-servers-sql-2.2.13-8.el4_6.4\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"compat-openldap-2.3.27_2.2.29-8.el5_1.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"openldap-2.3.27-8.el5_1.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"openldap-clients-2.3.27-8.el5_1.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"openldap-devel-2.3.27-8.el5_1.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"openldap-servers-2.3.27-8.el5_1.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"openldap-servers-sql-2.3.27-8.el5_1.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 
\"compat-openldap / openldap / openldap-clients / openldap-devel / etc\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:46:48", "description": "Authenticated users could crash the LDAP server 'slapd' via the 'NOOP'\ncommand (CVE-2007-6698,CVE-2008-0658)", "edition": 24, "published": "2008-04-28T00:00:00", "title": "openSUSE 10 Security Update : openldap2 (openldap2-4999)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "modified": "2008-04-28T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:openldap2-back-meta", "cpe:/o:novell:opensuse:10.3", "cpe:/o:novell:opensuse:10.2", "p-cpe:/a:novell:opensuse:openldap2-devel", "p-cpe:/a:novell:opensuse:openldap2", "cpe:/o:novell:opensuse:10.1", "p-cpe:/a:novell:opensuse:openldap2-devel-32bit", "p-cpe:/a:novell:opensuse:openldap2-back-perl"], "id": "SUSE_OPENLDAP2-4999.NASL", "href": "https://www.tenable.com/plugins/nessus/32079", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openldap2-4999.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32079);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6698\", \"CVE-2008-0658\");\n\n script_name(english:\"openSUSE 10 Security Update : openldap2 (openldap2-4999)\");\n script_summary(english:\"Check for the openldap2-4999 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Authenticated users could crash the LDAP server 'slapd' via the 'NOOP'\ncommand (CVE-2007-6698,CVE-2008-0658)\"\n );\n 
script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openldap2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-back-meta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-back-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2|SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2 / 
10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"openldap2-2.3.19-18.18\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"openldap2-back-meta-2.3.19-18.18\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"openldap2-back-perl-2.3.19-18.18\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"openldap2-devel-2.3.19-18.16\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", cpu:\"x86_64\", reference:\"openldap2-devel-32bit-2.3.19-18.16\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"openldap2-2.3.27-30\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"openldap2-back-meta-2.3.27-30\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"openldap2-back-perl-2.3.27-30\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"openldap2-devel-2.3.27-29\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", cpu:\"x86_64\", reference:\"openldap2-devel-32bit-2.3.27-29\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"openldap2-2.3.37-7.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"openldap2-back-meta-2.3.37-7.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"openldap2-back-perl-2.3.37-7.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"openldap2-devel-2.3.37-20.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"openldap2-devel-32bit-2.3.37-20.3\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 
\"openldap2 / openldap2-back-meta / openldap2-back-perl / etc\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T11:51:51", "description": "A vulnerability was found in slapo-pcache in slapd of OpenLDAP prior\nto 2.3.39 when running as a proxy-caching server. It would allocate\nmemory using a malloc variant rather than calloc, which prevented an\narray from being properly initialized and could possibly allow\nattackers to cause a denial of service (CVE-2007-5708).\n\nTwo vulnerabilities were found in how slapd handled modify (prior to\n2.3.26) and modrdn (prior to 2.3.29) requests with NOOP control on\nobjects stored in the BDB backend. An authenticated user with\npermission to perform modify (CVE-2007-6698) or modrdn (CVE-2008-0658)\noperations could cause slapd to crash.\n\nThe updated packages have been patched to correct these issues.", "edition": 24, "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : openldap (MDVSA-2008:058)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698", "CVE-2007-5708"], "modified": "2009-04-23T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:libldap2.3_0", "p-cpe:/a:mandriva:linux:openldap-clients", "p-cpe:/a:mandriva:linux:libldap2.3_0-devel", "cpe:/o:mandriva:linux:2007", "p-cpe:/a:mandriva:linux:openldap-tests", "cpe:/o:mandriva:linux:2007.1", "p-cpe:/a:mandriva:linux:openldap-doc", "p-cpe:/a:mandriva:linux:lib64ldap2.3_0", "p-cpe:/a:mandriva:linux:lib64ldap2.3_0-devel", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:openldap-servers", "p-cpe:/a:mandriva:linux:openldap-testprogs", "p-cpe:/a:mandriva:linux:libldap2.3_0-static-devel", "p-cpe:/a:mandriva:linux:lib64ldap2.3_0-static-devel", "p-cpe:/a:mandriva:linux:openldap"], "id": "MANDRIVA_MDVSA-2008-058.NASL", "href": "https://www.tenable.com/plugins/nessus/37371", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The 
descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:058. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37371);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-5708\", \"CVE-2007-6698\", \"CVE-2008-0658\");\n script_xref(name:\"MDVSA\", value:\"2008:058\");\n\n script_name(english:\"Mandriva Linux Security Advisory : openldap (MDVSA-2008:058)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was found in slapo-pcache in slapd of OpenLDAP prior\nto 2.3.39 when running as a proxy-caching server. It would allocate\nmemory using a malloc variant rather than calloc, which prevented an\narray from being properly initialized and could possibly allow\nattackers to cause a denial of service (CVE-2007-5708).\n\nTwo vulnerabilities were found in how slapd handled modify (prior to\n2.3.26) and modrdn (prior to 2.3.29) requests with NOOP control on\nobjects stored in the BDB backend. 
An authenticated user with\npermission to perform modify (CVE-2007-6698) or modrdn (CVE-2008-0658)\noperations could cause slapd to crash.\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ldap2.3_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ldap2.3_0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ldap2.3_0-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libldap2.3_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libldap2.3_0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libldap2.3_0-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openldap-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openldap-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openldap-servers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openldap-testprogs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openldap-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/05\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64ldap2.3_0-2.3.27-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64ldap2.3_0-devel-2.3.27-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64ldap2.3_0-static-devel-2.3.27-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libldap2.3_0-2.3.27-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libldap2.3_0-devel-2.3.27-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libldap2.3_0-static-devel-2.3.27-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"openldap-2.3.27-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif 
(rpm_check(release:\"MDK2007.0\", reference:\"openldap-clients-2.3.27-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"openldap-doc-2.3.27-2.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"openldap-servers-2.3.27-2.2mdv2007.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64ldap2.3_0-2.3.34-5.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64ldap2.3_0-devel-2.3.34-5.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64ldap2.3_0-static-devel-2.3.34-5.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libldap2.3_0-2.3.34-5.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libldap2.3_0-devel-2.3.34-5.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libldap2.3_0-static-devel-2.3.34-5.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"openldap-2.3.34-5.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"openldap-clients-2.3.34-5.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"openldap-doc-2.3.34-5.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"openldap-servers-2.3.34-5.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"openldap-testprogs-2.3.34-5.2mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"openldap-tests-2.3.34-5.2mdv2007.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64ldap2.3_0-2.3.38-3.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", 
reference:\"lib64ldap2.3_0-devel-2.3.38-3.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64ldap2.3_0-static-devel-2.3.38-3.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libldap2.3_0-2.3.38-3.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libldap2.3_0-devel-2.3.38-3.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libldap2.3_0-static-devel-2.3.38-3.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"openldap-2.3.38-3.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"openldap-clients-2.3.38-3.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"openldap-doc-2.3.38-3.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"openldap-servers-2.3.38-3.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"openldap-testprogs-2.3.38-3.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"openldap-tests-2.3.38-3.2mdv2008.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "openvas": [{"lastseen": "2018-04-09T11:39:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "description": "Check for the Version of compat-openldap", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:1361412562310880087", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880087", "type": "openvas", "title": "CentOS Update for compat-openldap CESA-2008:0110 centos5 x86_64", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for compat-openldap CESA-2008:0110 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenLDAP is an open source suite of Lightweight Directory Access Protocol\n (LDAP) applications and development tools. LDAP is a set of protocols for\n accessing directory services.\n\n These updated openldap packages fix a flaw in the way the OpenLDAP slapd\n daemon handled modify and modrdn requests with NOOP control on objects\n stored in a Berkeley DB (BDB) storage backend. An authenticated attacker\n with permission to perform modify or modrdn operations on such LDAP objects\n could cause slapd to crash. 
(CVE-2007-6698, CVE-2008-0658)\n \n Users of openldap should upgrade to these updated packages, which contain a\n backported patch to correct this issue.\";\n\ntag_affected = \"compat-openldap on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014703.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880087\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2008:0110\");\n script_cve_id(\"CVE-2007-6698\", \"CVE-2008-0658\");\n script_name( \"CentOS Update for compat-openldap CESA-2008:0110 centos5 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of compat-openldap\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"compat-openldap\", rpm:\"compat-openldap~2.3.27_2.2.29~8.el5_1.3\", rls:\"CentOS5\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.3.27~8.el5_1.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-clients\", rpm:\"openldap-clients~2.3.27~8.el5_1.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-devel\", rpm:\"openldap-devel~2.3.27~8.el5_1.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers\", rpm:\"openldap-servers~2.3.27~8.el5_1.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers-sql\", rpm:\"openldap-servers-sql~2.3.27~8.el5_1.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:56:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "description": "Check for the Version of openldap", "modified": "2017-07-12T00:00:00", "published": "2009-03-06T00:00:00", "id": "OPENVAS:870149", "href": "http://plugins.openvas.org/nasl.php?oid=870149", "type": "openvas", "title": "RedHat Update for openldap RHSA-2008:0110-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openldap RHSA-2008:0110-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in 
the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenLDAP is an open source suite of Lightweight Directory Access Protocol\n (LDAP) applications and development tools. LDAP is a set of protocols for\n accessing directory services.\n\n These updated openldap packages fix a flaw in the way the OpenLDAP slapd\n daemon handled modify and modrdn requests with NOOP control on objects\n stored in a Berkeley DB (BDB) storage backend. An authenticated attacker\n with permission to perform modify or modrdn operations on such LDAP objects\n could cause slapd to crash. (CVE-2007-6698, CVE-2008-0658)\n \n Users of openldap should upgrade to these updated packages, which contain a\n backported patch to correct this issue.\";\n\ntag_affected = \"openldap on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4,\n Red Hat Enterprise Linux (v. 
5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-February/msg00007.html\");\n script_id(870149);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2008:0110-01\");\n script_cve_id(\"CVE-2007-6698\", \"CVE-2008-0658\");\n script_name( \"RedHat Update for openldap RHSA-2008:0110-01\");\n\n script_summary(\"Check for the Version of openldap\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"compat-openldap\", rpm:\"compat-openldap~2.3.27_2.2.29~8.el5_1.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.3.27~8.el5_1.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-clients\", 
rpm:\"openldap-clients~2.3.27~8.el5_1.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-debuginfo\", rpm:\"openldap-debuginfo~2.3.27~8.el5_1.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-devel\", rpm:\"openldap-devel~2.3.27~8.el5_1.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers\", rpm:\"openldap-servers~2.3.27~8.el5_1.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers-sql\", rpm:\"openldap-servers-sql~2.3.27~8.el5_1.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"compat-openldap\", rpm:\"compat-openldap~2.1.30~8.el4_6.4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.2.13~8.el4_6.4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-clients\", rpm:\"openldap-clients~2.2.13~8.el4_6.4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-debuginfo\", rpm:\"openldap-debuginfo~2.2.13~8.el4_6.4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-devel\", rpm:\"openldap-devel~2.2.13~8.el4_6.4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers\", rpm:\"openldap-servers~2.2.13~8.el4_6.4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers-sql\", 
rpm:\"openldap-servers-sql~2.2.13~8.el4_6.4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:41:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "description": "Check for the Version of compat-openldap", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:1361412562310880044", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880044", "type": "openvas", "title": "CentOS Update for compat-openldap CESA-2008:0110 centos4 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for compat-openldap CESA-2008:0110 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenLDAP is an open source suite of Lightweight Directory Access Protocol\n (LDAP) applications and development tools. 
LDAP is a set of protocols for\n accessing directory services.\n\n These updated openldap packages fix a flaw in the way the OpenLDAP slapd\n daemon handled modify and modrdn requests with NOOP control on objects\n stored in a Berkeley DB (BDB) storage backend. An authenticated attacker\n with permission to perform modify or modrdn operations on such LDAP objects\n could cause slapd to crash. (CVE-2007-6698, CVE-2008-0658)\n \n Users of openldap should upgrade to these updated packages, which contain a\n backported patch to correct this issue.\";\n\ntag_affected = \"compat-openldap on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014690.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880044\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2008:0110\");\n script_cve_id(\"CVE-2007-6698\", \"CVE-2008-0658\");\n script_name( \"CentOS Update for compat-openldap CESA-2008:0110 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of compat-openldap\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", 
value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"compat-openldap\", rpm:\"compat-openldap~2.1.30~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-clients\", rpm:\"openldap-clients~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-devel\", rpm:\"openldap-devel~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers\", rpm:\"openldap-servers~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers-sql\", rpm:\"openldap-servers-sql~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:40:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "description": "Check for the Version of compat-openldap", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:1361412562310880167", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880167", "type": "openvas", "title": "CentOS Update for compat-openldap CESA-2008:0110 centos5 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability 
Test\n#\n# CentOS Update for compat-openldap CESA-2008:0110 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenLDAP is an open source suite of Lightweight Directory Access Protocol\n (LDAP) applications and development tools. LDAP is a set of protocols for\n accessing directory services.\n\n These updated openldap packages fix a flaw in the way the OpenLDAP slapd\n daemon handled modify and modrdn requests with NOOP control on objects\n stored in a Berkeley DB (BDB) storage backend. An authenticated attacker\n with permission to perform modify or modrdn operations on such LDAP objects\n could cause slapd to crash. 
(CVE-2007-6698, CVE-2008-0658)\n \n Users of openldap should upgrade to these updated packages, which contain a\n backported patch to correct this issue.\";\n\ntag_affected = \"compat-openldap on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014702.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880167\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2008:0110\");\n script_cve_id(\"CVE-2007-6698\", \"CVE-2008-0658\");\n script_name( \"CentOS Update for compat-openldap CESA-2008:0110 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of compat-openldap\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"compat-openldap\", rpm:\"compat-openldap~2.3.27_2.2.29~8.el5_1.3\", rls:\"CentOS5\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.3.27~8.el5_1.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-clients\", rpm:\"openldap-clients~2.3.27~8.el5_1.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-devel\", rpm:\"openldap-devel~2.3.27~8.el5_1.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers\", rpm:\"openldap-servers~2.3.27~8.el5_1.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers-sql\", rpm:\"openldap-servers-sql~2.3.27~8.el5_1.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:57:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "description": "Check for the Version of openldap", "modified": "2017-07-10T00:00:00", "published": "2009-02-16T00:00:00", "id": "OPENVAS:860783", "href": "http://plugins.openvas.org/nasl.php?oid=860783", "type": "openvas", "title": "Fedora Update for openldap FEDORA-2008-1616", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openldap FEDORA-2008-1616\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the 
hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openldap on Fedora 7\";\ntag_insight = \"OpenLDAP is an open source suite of LDAP (Lightweight Directory Access\n Protocol) applications and development tools. LDAP is a set of\n protocols for accessing directory services (usually phone book style\n information, but other information is possible) over the Internet,\n similar to the way DNS (Domain Name System) information is propagated\n over the Internet. The openldap package contains configuration files,\n libraries, and documentation for OpenLDAP.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00471.html\");\n script_id(860783);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-1616\");\n script_cve_id(\"CVE-2008-0658\", \"CVE-2007-6698\");\n script_name( \"Fedora Update for openldap FEDORA-2008-1616\");\n\n script_summary(\"Check for the Version of openldap\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks 
GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.3.34~7.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-26T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:60457", "href": "http://plugins.openvas.org/nasl.php?oid=60457", "type": "openvas", "title": "FreeBSD Ports: openldap-server", "sourceData": "#\n#VID e5d29309-e0db-11dc-97b2-001c2514716c\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: openldap-server\n\nCVE-2008-0658\nslapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP\n2.3.39 allows remote authenticated users to cause a denial of service\n(daemon crash) via a modrdn operation with a NOOP\n(LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698.\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\nif(description)\n{\n script_id(60457);\n script_version(\"$Revision: 4144 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-26 07:28:56 +0200 (Mon, 26 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2008-0658\");\n script_bugtraq_id(27778);\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_name(\"FreeBSD Ports: openldap-server\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 
E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"openldap-server\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.3.41\")<0) {\n txt += 'Package openldap-server version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"2.4.0\")>0 && revcomp(a:bver, b:\"2.4.8\")<0) {\n txt += 'Package openldap-server version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:28:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "description": "Ubuntu Update for openldap2.2, openldap2.3 vulnerabilities USN-584-1", "modified": "2017-12-01T00:00:00", "published": "2009-03-23T00:00:00", "id": "OPENVAS:840291", "href": "http://plugins.openvas.org/nasl.php?oid=840291", "type": "openvas", "title": "Ubuntu Update for openldap2.2, openldap2.3 vulnerabilities USN-584-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_584_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for openldap2.2, openldap2.3 vulnerabilities USN-584-1\n#\n# Authors:\n# System 
Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Jonathan Clarke discovered that the OpenLDAP slapd server did not\n properly handle modify requests when using the Berkeley DB backend\n and the NOOP control was used. An authenticated user with modify\n permissions could send a crafted modify request and cause a denial\n of service via application crash. Ubuntu 7.10 is not affected by\n this issue. (CVE-2007-6698)\n\n Ralf Haferkamp discovered that the OpenLDAP slapd server did not\n properly handle modrdn requests when using the Berkeley DB backend\n and the NOOP control was used. An authenticated user with modrdn\n permissions could send a crafted modrdn request and possibly cause a\n denial of service via application crash. 
(CVE-2008-0658)\";\n\ntag_summary = \"Ubuntu Update for openldap2.2, openldap2.3 vulnerabilities USN-584-1\";\ntag_affected = \"openldap2.2, openldap2.3 vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 6.10 ,\n Ubuntu 7.04 ,\n Ubuntu 7.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-584-1/\");\n script_id(840291);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"584-1\");\n script_cve_id(\"CVE-2007-6698\", \"CVE-2008-0658\");\n script_name( \"Ubuntu Update for openldap2.2, openldap2.3 vulnerabilities USN-584-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"ldap-utils\", ver:\"2.3.30-2ubuntu0.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libldap\", 
ver:\"2.3-0_2.3.30-2ubuntu0.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"slapd\", ver:\"2.3.30-2ubuntu0.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"ldap-utils\", ver:\"2.2.26-5ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libldap\", ver:\"2.2-7_2.2.26-5ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"slapd\", ver:\"2.2.26-5ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"ldap-utils\", ver:\"2.2.26-5ubuntu3.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libldap\", ver:\"2.2-7_2.2.26-5ubuntu3.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"slapd\", ver:\"2.2.26-5ubuntu3.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU7.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"ldap-utils\", ver:\"2.3.35-1ubuntu0.2\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libldap\", ver:\"2.3-0_2.3.35-1ubuntu0.2\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"slapd\", ver:\"2.3.35-1ubuntu0.2\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n 
exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "description": "Check for the Version of compat-openldap", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:880044", "href": "http://plugins.openvas.org/nasl.php?oid=880044", "type": "openvas", "title": "CentOS Update for compat-openldap CESA-2008:0110 centos4 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for compat-openldap CESA-2008:0110 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenLDAP is an open source suite of Lightweight Directory Access Protocol\n (LDAP) applications and development tools. 
LDAP is a set of protocols for\n accessing directory services.\n\n These updated openldap packages fix a flaw in the way the OpenLDAP slapd\n daemon handled modify and modrdn requests with NOOP control on objects\n stored in a Berkeley DB (BDB) storage backend. An authenticated attacker\n with permission to perform modify or modrdn operations on such LDAP objects\n could cause slapd to crash. (CVE-2007-6698, CVE-2008-0658)\n \n Users of openldap should upgrade to these updated packages, which contain a\n backported patch to correct this issue.\";\n\ntag_affected = \"compat-openldap on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014690.html\");\n script_id(880044);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2008:0110\");\n script_cve_id(\"CVE-2007-6698\", \"CVE-2008-0658\");\n script_name( \"CentOS Update for compat-openldap CESA-2008:0110 centos4 x86_64\");\n\n script_summary(\"Check for the Version of compat-openldap\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", 
value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"compat-openldap\", rpm:\"compat-openldap~2.1.30~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-clients\", rpm:\"openldap-clients~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-devel\", rpm:\"openldap-devel~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers\", rpm:\"openldap-servers~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers-sql\", rpm:\"openldap-servers-sql~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "description": "Check for the Version of compat-openldap", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:880171", "href": "http://plugins.openvas.org/nasl.php?oid=880171", "type": "openvas", "title": "CentOS Update for compat-openldap CESA-2008:0110 centos4 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for compat-openldap CESA-2008:0110 centos4 i386\n#\n# 
Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenLDAP is an open source suite of Lightweight Directory Access Protocol\n (LDAP) applications and development tools. LDAP is a set of protocols for\n accessing directory services.\n\n These updated openldap packages fix a flaw in the way the OpenLDAP slapd\n daemon handled modify and modrdn requests with NOOP control on objects\n stored in a Berkeley DB (BDB) storage backend. An authenticated attacker\n with permission to perform modify or modrdn operations on such LDAP objects\n could cause slapd to crash. 
(CVE-2007-6698, CVE-2008-0658)\n \n Users of openldap should upgrade to these updated packages, which contain a\n backported patch to correct this issue.\";\n\ntag_affected = \"compat-openldap on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014689.html\");\n script_id(880171);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2008:0110\");\n script_cve_id(\"CVE-2007-6698\", \"CVE-2008-0658\");\n script_name( \"CentOS Update for compat-openldap CESA-2008:0110 centos4 i386\");\n\n script_summary(\"Check for the Version of compat-openldap\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"compat-openldap\", rpm:\"compat-openldap~2.1.30~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-clients\", rpm:\"openldap-clients~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-devel\", rpm:\"openldap-devel~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers\", rpm:\"openldap-servers~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers-sql\", rpm:\"openldap-servers-sql~2.2.13~8.el4_6.4\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "description": "Oracle Linux Local Security Checks ELSA-2008-0110", "modified": "2018-09-28T00:00:00", "published": "2015-10-08T00:00:00", "id": "OPENVAS:1361412562310122608", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122608", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2008-0110", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2008-0110.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# 
This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122608\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:49:13 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2008-0110\");\n script_tag(name:\"insight\", value:\"ELSA-2008-0110 - Moderate: openldap security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2008-0110\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2008-0110.html\");\n script_cve_id(\"CVE-2007-6698\", \"CVE-2008-0658\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n 
exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"compat-openldap\", rpm:\"compat-openldap~2.3.27_2.2.29~8.el5_1.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.3.27~8.el5_1.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openldap-clients\", rpm:\"openldap-clients~2.3.27~8.el5_1.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openldap-devel\", rpm:\"openldap-devel~2.3.27~8.el5_1.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openldap-servers\", rpm:\"openldap-servers~2.3.27~8.el5_1.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"openldap-servers-sql\", rpm:\"openldap-servers-sql~2.3.27~8.el5_1.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:33", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "description": " [2.3.27-8.3]\n - better fix for CVE-2007-6698 (#431407), now it fixes also\n modrdn operations\n \n [2.3.27-8.2]\n - fix CVE-2007-6698 (#431407) ", "edition": 4, "modified": "2008-02-21T00:00:00", "published": "2008-02-21T00:00:00", "id": "ELSA-2008-0110", "href": "http://linux.oracle.com/errata/ELSA-2008-0110.html", "title": "Moderate: openldap security update ", "type": "oraclelinux", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2020-07-09T00:35:11", "bulletinFamily": "unix", 
"cvelist": ["CVE-2008-0658", "CVE-2007-6698"], "description": "Jonathan Clarke discovered that the OpenLDAP slapd server did not \nproperly handle modify requests when using the Berkeley DB backend \nand specifying the NOOP control. An authenticated user with modify \npermissions could send a crafted modify request and cause a denial \nof service via application crash. Ubuntu 7.10 is not affected by \nthis issue. (CVE-2007-6698)\n\nRalf Haferkamp discovered that the OpenLDAP slapd server did not \nproperly handle modrdn requests when using the Berkeley DB backend \nand specifying the NOOP control. An authenticated user with modrdn \npermissions could send a crafted modrdn request and possibly cause a \ndenial of service via application crash. (CVE-2007-6698)", "edition": 5, "modified": "2008-03-05T00:00:00", "published": "2008-03-05T00:00:00", "id": "USN-584-1", "href": "https://ubuntu.com/security/notices/USN-584-1", "title": "OpenLDAP vulnerabilities", "type": "ubuntu", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2020-11-11T13:19:52", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0658", "CVE-2007-5707", "CVE-2007-6698", "CVE-2007-5708"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1541-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nApril 08, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : openldap2.3\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2007-5707 CVE-2007-5708 CVE-2007-6698 CVE-2008-0658\nDebian Bug : 440632 448644 465875\n\nSeveral remote vulnerabilities have been discovered in OpenLDAP, a\nfree implementation of the Lightweight Directory Access Protocol. 
The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems:\n\nCVE-2007-5707\n\n Thomas Sesselmann discovered that slapd could be crashed by a\n malformed modify requests.\n \nCVE-2007-5708\n\n Toby Blade discovered that incorrect memory handling in slapo-pcache\n could lead to denial of service through crafted search requests.\n\nCVE-2007-6698\n\n It was discovered that a programming error in the interface to the\n BDB storage backend could lead to denial of service through\n crafted modify requests.\n\nCVE-2008-0658\n\n It was discovered that a programming error in the interface to the\n BDB storage backend could lead to denial of service through\n crafted modrdn requests.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 2.3.30-5+etch1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2.4.7-6.1.\n\nWe recommend that you upgrade your openldap2.3 packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian 4.0 (stable)\n- -------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/o/openldap2.3/openldap2.3_2.3.30-5+etch1.diff.gz\n Size/MD5 checksum: 311352 ab5ecd0da4ad32f39ca8ca34e97aea8e\n http://security.debian.org/pool/updates/main/o/openldap2.3/openldap2.3_2.3.30.orig.tar.gz\n Size/MD5 checksum: 2971126 c40bcc23fa65908b8d7a86a4a6061251\n http://security.debian.org/pool/updates/main/o/openldap2.3/openldap2.3_2.3.30-5+etch1.dsc\n 
Size/MD5 checksum: 1205 64cd8bb9897af0062fd15e9b0fb8e32e\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch1_alpha.deb\n Size/MD5 checksum: 193978 6e4e9f9c7f0936cb8d023bf2402af42e\n http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch1_alpha.deb\n Size/MD5 checksum: 293070 35576398d8f2d5618bace89bbec87870\n http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch1_alpha.deb\n Size/MD5 checksum: 1283688 a2eaf28c1c1285753e71122c5561e39f\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch1_amd64.deb\n Size/MD5 checksum: 184540 6bc131c285864c654d28e90fd06000ee\n http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch1_amd64.deb\n Size/MD5 checksum: 285256 995b228196a6ce2ccf5bcfa6521244c5\n http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch1_amd64.deb\n Size/MD5 checksum: 1244474 3b455c3a4f221bfb82dd6f70dd5f851a\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch1_arm.deb\n Size/MD5 checksum: 1188898 956eeea9cc2bd6e5e4e50145d05dd39e\n http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch1_arm.deb\n Size/MD5 checksum: 141956 d9b143c4304ca81db461be2bdf30221c\n http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch1_arm.deb\n Size/MD5 checksum: 254604 6b2744212645932232f285547c3465a0\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch1_hppa.deb\n Size/MD5 checksum: 1306308 287335a1821aefc8efb102d6982aff98\n http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch1_hppa.deb\n Size/MD5 checksum: 292048 4a4f3ef5fbbe1e8793bf1cd797e7b028\n 
http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch1_hppa.deb\n Size/MD5 checksum: 180756 691a106d02d195b991b235515d0d174c\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch1_i386.deb\n Size/MD5 checksum: 265946 e88fc90218b13aebb2a1578901a69824\n http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch1_i386.deb\n Size/MD5 checksum: 1174252 903a34a92df100585dba3e0ec0f25987\n http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch1_i386.deb\n Size/MD5 checksum: 154126 80588200bcbc4f6b8e3c60983eae4780\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch1_ia64.deb\n Size/MD5 checksum: 379540 9487d1a5a9a03c4654b7a361d4c67753\n http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch1_ia64.deb\n Size/MD5 checksum: 1660796 6df92fd96886f3316f26f89f2da0eb96\n http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch1_ia64.deb\n Size/MD5 checksum: 239118 9ae940f8df656d2f233acefd0b2274bf\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch1_mips.deb\n Size/MD5 checksum: 185506 8a1ab4fc883116059b529ffa00a8c346\n http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch1_mips.deb\n Size/MD5 checksum: 1205680 431589f3aad740adde1dc121edfc2f0b\n http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch1_mips.deb\n Size/MD5 checksum: 257964 10ae6c9739e5ec1cce436e82572d3086\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch1_mipsel.deb\n Size/MD5 checksum: 1188188 eb29253ae4008e5e74135b9b03fda111\n http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch1_mipsel.deb\n Size/MD5 
checksum: 258576 83b99052b2853cd94b665ae621d3b66f\n http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch1_mipsel.deb\n Size/MD5 checksum: 186780 316031a466a6e221789ee246c2fe96c6\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch1_powerpc.deb\n Size/MD5 checksum: 272220 f8cb7024f7e5e00b94ff8d638cddb18d\n http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch1_powerpc.deb\n Size/MD5 checksum: 188744 7bd626905a9443950a1cab4df28a4a59\n http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch1_powerpc.deb\n Size/MD5 checksum: 1243640 6faf3ce99497a3e8d793eea3c0d0aca2\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch1_s390.deb\n Size/MD5 checksum: 1240862 ccf0e13f6dc5756dc84d524cb9a033dd\n http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch1_s390.deb\n Size/MD5 checksum: 291452 33deedd35ad575833f7227047b644fae\n http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch1_s390.deb\n Size/MD5 checksum: 168348 4fa52da0e0d54466a804c40306ae9f83\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/o/openldap2.3/slapd_2.3.30-5+etch1_sparc.deb\n Size/MD5 checksum: 1167532 392f3e996130e2fa64c0005218d776e0\n http://security.debian.org/pool/updates/main/o/openldap2.3/libldap-2.3-0_2.3.30-5+etch1_sparc.deb\n Size/MD5 checksum: 256800 32585d0c8d9996050f74caf021af6f73\n http://security.debian.org/pool/updates/main/o/openldap2.3/ldap-utils_2.3.30-5+etch1_sparc.deb\n Size/MD5 checksum: 154976 a083feee801f6c843b6509df9b6307b3\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor 
dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2008-04-08T21:51:24", "published": "2008-04-08T21:51:24", "id": "DEBIAN:DSA-1541-1:66533", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00111.html", "title": "[SECURITY] [DSA 1541-1] New openldap2.3 packages fix denial of service", "type": "debian", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "exploitpack": [{"lastseen": "2020-04-01T19:04:38", "description": "\nOpenLDAP 2.3.39 - MODRDN Remote Denial of Service", "edition": 1, "published": "2009-11-09T00:00:00", "title": "OpenLDAP 2.3.39 - MODRDN Remote Denial of Service", "type": "exploitpack", "bulletinFamily": "exploit", "cvelist": ["CVE-2007-6698"], "modified": "2009-11-09T00:00:00", "id": "EXPLOITPACK:AD1FDA03798D6F8F89D9AFDB34F6C3BF", "href": "", "sourceData": "Attackers use readily available LDAP commands to exploit this issue.\n\n\n\nsource: https://www.securityfocus.com/bid/27778/info\n\nOpenLDAP is prone to a remote denial-of-service vulnerability.\n\nAttackers can exploit this issue to deny service to legitimate users.\n\nOpenLDAP 2.3.39 is vulnerable to this issue; other versions may also be affected.\n\nThis issue is related to one described in BID 26245 (OpenLDAP Multiple Remote Denial of Service Vulnerabilities), identified by CVE-2007-6698.\n\nldapmodrdn -x -h :389 -D <dn> -w <pw> -e \\noop ou=test,dc=my-domain,dc=com ou=test2", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:28", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0658"], "description": "\nSecunia Advisory reports:\n\nA vulnerability has been reported in OpenLDAP, which can\n\t be exploited by malicious users to cause a DoS (Denial of\n\t Service).\n\n", "edition": 4, 
"modified": "2008-02-13T00:00:00", "published": "2008-02-13T00:00:00", "id": "E5D29309-E0DB-11DC-97B2-001C2514716C", "href": "https://vuxml.freebsd.org/freebsd/e5d29309-e0db-11dc-97b2-001c2514716c.html", "title": "openldap -- modrdn Denial of Service vulnerability", "type": "freebsd", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "exploitdb": [{"lastseen": "2016-02-03T14:03:35", "description": "OpenLDAP 2.3.39 MODRDN Remote Denial of Service Vulnerability. CVE-2008-0658. Dos exploit for linux platform", "published": "2008-02-13T00:00:00", "type": "exploitdb", "title": "OpenLDAP 2.3.39 MODRDN Remote Denial of Service Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-0658"], "modified": "2008-02-13T00:00:00", "id": "EDB-ID:31190", "href": "https://www.exploit-db.com/exploits/31190/", "sourceData": "source: http://www.securityfocus.com/bid/27778/info\r\n\r\nOpenLDAP is prone to a remote denial-of-service vulnerability.\r\n\r\nAttackers can exploit this issue to deny service to legitimate users.\r\n\r\nOpenLDAP 2.3.39 is vulnerable to this issue; other versions may also be affected.\r\n\r\nThis issue is related to one described in BID 26245 (OpenLDAP Multiple Remote Denial of Service Vulnerabilities), identified by CVE-2007-6698.\r\n\r\nldapmodrdn -x -h :389 -D <dn> -w <pw> -e \\noop ou=test,dc=my-domain,dc=com ou=test2 ", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/31190/"}], "gentoo": [{"lastseen": "2016-09-06T19:46:08", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0658", "CVE-2007-5707", "CVE-2007-5708"], "description": "### Background\n\nOpenLDAP Software is an open source implementation of the Lightweight Directory Access Protocol. 
\n\n### Description\n\nThe following errors have been discovered in OpenLDAP: \n\n * Tony Blake discovered an error which exists within the normalisation of \"objectClasses\" (CVE-2007-5707).\n * Thomas Sesselmann reported that, when running as a proxy-caching server the \"add_filter_attrs()\" function in servers/slapd/overlay/pcache.c does not correctly NULL terminate \"new_attrs\" (CVE-2007-5708).\n * A double-free bug exists in attrs_free() in the file servers/slapd/back-bdb/modrdn.c, which was discovered by Jonathan Clarke (CVE-2008-0658).\n\n### Impact\n\nA remote attacker can cause a Denial of Service by sending a malformed \"objectClasses\" attribute, and via unknown vectors that prevent the \"new_attrs\" array from being NULL terminated, and via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll OpenLDAP users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-nds/openldap-2.3.41\"", "edition": 1, "modified": "2008-03-19T00:00:00", "published": "2008-03-19T00:00:00", "id": "GLSA-200803-28", "href": "https://security.gentoo.org/glsa/200803-28", "type": "gentoo", "title": "OpenLDAP: Denial of Service vulnerabilities", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}]}