Solaris LDAP2 ldapadd rootDN Password Local Disclosure

2006-04-11T06:47:38
ID OSVDB:24564
Type osvdb
Reporter Michael Gerdts()
Modified 2006-04-11T06:47:38

Description

Vulnerability Description

Solaris contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the ldapadd utility in the LDAP2 suite is manipulated in such a way to disclose the rootDN (Directory Server root Distinguished Name). No further details have been provided.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Sun Microsystems has released a patch to address this vulnerability.

Short Description

Solaris contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the ldapadd utility in the LDAP2 suite is manipulated in such a way to disclose the rootDN (Directory Server root Distinguished Name). No further details have been provided.

References:

Vendor Specific Advisory URL Vendor Specific Advisory URL Secunia Advisory ID:21493 Secunia Advisory ID:19638 Related OSVDB ID: 24565 Related OSVDB ID: 24567 Related OSVDB ID: 24563 Related OSVDB ID: 24566 Related OSVDB ID: 24568 Keyword: 4701811 Keyword: BugIDs: 4701755 FrSIRT Advisory: ADV-2006-1334 CVE-2006-1782 Bugtraq ID: 17479