RedHat Update for openldap RHSA-2010:0198-04

###############################################################################
# OpenVAS Vulnerability Test
#
# RedHat Update for openldap RHSA-2010:0198-04
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
  Protocol) applications and development tools.

  A flaw was found in the way OpenLDAP handled NUL characters in the
  CommonName field of X.509 certificates. An attacker able to get a
  carefully-crafted certificate signed by a trusted Certificate Authority
  could trick applications using OpenLDAP libraries into accepting it by
  mistake, allowing the attacker to perform a man-in-the-middle attack.
  (CVE-2009-3767)
  
  This update also fixes the following bugs:
  
  * the ldap init script did not provide a way to alter system limits for the
  slapd daemon. A variable is now available in "/etc/sysconfig/ldap" for this
  option. (BZ#527313)
  
  * applications that use the OpenLDAP libraries to contact a Microsoft
  Active Directory server could crash when a large number of network
  interfaces existed. This update implements locks in the OpenLDAP library
  code to resolve this issue. (BZ#510522)
  
  * when slapd was configured to allow client certificates, approximately 90%
  of connections froze because of a large CA certificate file and slapd not
  checking the success of the SSL handshake. (BZ#509230)
  
  * the OpenLDAP server would freeze for unknown reasons under high load.
  These packages add support for accepting incoming connections by new
  threads, resolving the issue. (BZ#507276)
  
  * the compat-openldap libraries did not list dependencies on other
  libraries, causing programs that did not specifically specify the libraries
  to fail. Detection of the Application Binary Interface (ABI) in use on
  64-bit systems has been added with this update. (BZ#503734)
  
  * the OpenLDAP libraries caused applications to crash due to an unprocessed
  network timeout. A timeval of -1 is now passed when NULL is passed to LDAP.
  (BZ#495701)
  
  * slapd could crash on a server under heavy load when using rwm overlay,
  caused by freeing non-allocated memory during operation cleanup.
  (BZ#495628)
  
  * the ldap init script made a temporary script in "/tmp/" and attempted to
  execute it. Problems arose when "/tmp/" was mounted with the noexec option.
  The temporary script is no longer created. (BZ#483356)
  
  * the ldap init script always started slapd listening on ldap:/// even if
  instructed to listen only on ldaps:///. By correcting the init script, a
  user can now select which ports slapd should listen on. (BZ#481003)
  
  * the slapd manual page did not mention the supported options -V and -o.
  (BZ#468206)
  
  * slapd.conf had a commented-out op ... 

  Description truncated, for more information please check the Reference URL";

tag_affected = "openldap on Red Hat Enterprise Linux (v. 5 server)";
tag_solution = "Please Install the Updated Packages.";



if(description)
{
  script_xref(name : "URL" , value : "https://www.redhat.com/archives/rhsa-announce/2010-March/msg00031.html");
  script_id(870253);
  script_version("$Revision: 8186 $");
  script_tag(name:"last_modification", value:"$Date: 2017-12-20 07:30:34 +0100 (Wed, 20 Dec 2017) $");
  script_tag(name:"creation_date", value:"2010-04-06 08:56:44 +0200 (Tue, 06 Apr 2010)");
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_xref(name: "RHSA", value: "2010:0198-04");
  script_cve_id("CVE-2009-3767");
  script_name("RedHat Update for openldap RHSA-2010:0198-04");

  script_tag(name: "summary" , value: "Check for the Version of openldap");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
  script_family("Red Hat Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "RHENT_5")
{

  if ((res = isrpmvuln(pkg:"compat-openldap", rpm:"compat-openldap~2.3.43_2.2.29~12.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"openldap", rpm:"openldap~2.3.43~12.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"openldap-clients", rpm:"openldap-clients~2.3.43~12.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"openldap-debuginfo", rpm:"openldap-debuginfo~2.3.43~12.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"openldap-devel", rpm:"openldap-devel~2.3.43~12.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"openldap-servers", rpm:"openldap-servers~2.3.43~12.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"openldap-servers-overlays", rpm:"openldap-servers-overlays~2.3.43~12.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"openldap-servers-sql", rpm:"openldap-servers-sql~2.3.43~12.el5", rls:"RHENT_5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}