OpenLDAP slurpd Status File Handling Overflow

2006-05-19T08:47:35
ID OSVDB:25659
Type osvdb
Reporter OSVDB
Modified 2006-05-19T08:47:35

Description

Solution Description

Upgrade to version 2.3.22 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor Specific News/Changelog Entry: http://www.openldap.org/software/release/changes.html Vendor Specific News/Changelog Entry: http://www.openldap.org/devel/cvsweb.cgi/servers/slurpd/st.c.diff?r1=1.21&r2=1.22&hideattic=1&sortbydate=0&f=h Vendor Specific Advisory URL Vendor Specific Advisory URL Secunia Advisory ID:20495 Secunia Advisory ID:20126 Secunia Advisory ID:20685 Secunia Advisory ID:20848 Other Advisory URL: http://www.ubuntu.com/usn/usn-305-1 FrSIRT Advisory: ADV-2006-1921 CVE-2006-2754