CVSS2: 4.3 Medium
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

EPSS: 0.94 High
Percentile: 98.7%

OpenLDAP is an open source suite of Lightweight Directory Access Protocol
(LDAP) applications and development tools. LDAP is a set of protocols used
to access and maintain distributed directory information services over an
IP network. The openldap package contains configuration files, libraries,
and documentation for OpenLDAP.

A denial of service flaw was found in the way the OpenLDAP server daemon
(slapd) performed reference counting when using the rwm (rewrite/remap)
overlay. A remote attacker able to query the OpenLDAP server could use this
flaw to crash the server by immediately unbinding from the server after
sending a search request. (CVE-2013-4449)

Red Hat would like to thank Michael Vishchers from Seven Principles AG for
reporting this issue.

This update also fixes the following bug:

All openldap users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.
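
A triage check for the condition described above, added here as an example and not part of the Red Hat advisory: it flags hosts whose openldap-servers build sorts before the fixed build in the package table and whose slapd configuration enables the rwm overlay. The simplified RPM version comparison (no epoch, `~` or `^` handling), the function names and the sample inventory are assumptions constructed for illustration.

```python
import re
from itertools import zip_longest

FIXED = "2.4.23-34.el6_5.1"  # fixed version-release from the advisory's package table

def rpm_label_cmp(a, b):
    """Simplified rpmvercmp for one version or release string (no '~' or '^')."""
    seg = lambda s: re.findall(r"\d+|[A-Za-z]+", s)  # separators are ignored
    for x, y in zip_longest(seg(a), seg(b)):
        if x is None or y is None:
            return -1 if x is None else 1      # the string with segments left is newer
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1    # a numeric segment beats an alphabetic one
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    return 0

def is_unpatched(installed, fixed=FIXED):
    """True when an installed 'version-release' sorts before the fixed build (epoch ignored)."""
    iv, ir = installed.rsplit("-", 1)
    fv, fr = fixed.rsplit("-", 1)
    return (rpm_label_cmp(iv, fv) or rpm_label_cmp(ir, fr)) < 0

# Matches 'overlay rwm' in slapd.conf and 'olcOverlay: {0}rwm' in cn=config LDIF;
# commented-out lines do not match because the directive must start the line.
RWM_RE = re.compile(r"^\s*(?:overlay\s+rwm\b|olcOverlay:\s*(?:\{\d+\})?rwm\b)", re.I | re.M)

def triage(installed, config_text):
    """Classify one host from its openldap-servers build and slapd configuration text."""
    if not is_unpatched(installed):
        return "patched"
    return "unpatched, rwm enabled" if RWM_RE.search(config_text) else "unpatched, rwm not enabled"

if __name__ == "__main__":
    # Constructed inventory: host, output of
    # rpm -q --qf '%{VERSION}-%{RELEASE}\n' openldap-servers, and slapd config text.
    hosts = [
        ("ldap1", "2.4.23-32.el6_4.1", "database bdb\noverlay rwm\n"),
        ("ldap2", "2.4.23-32.el6_4.1", "olcOverlay: {0}syncprov\n"),
        ("ldap3", "2.4.23-34.el6_5.1", "olcOverlay: {0}rwm\n"),
    ]
    for name, build, conf in hosts:
        print(f"{name}: {build}: {triage(build, conf)}")
```
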

OS | OS Version | Architecture | Package | Affected Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | i686 | openldap-devel | < 2.4.23-34.el6_5.1 | openldap-devel-2.4.23-34.el6_5.1.i686.rpm |
RedHat | 6 | s390 | openldap-debuginfo | < 2.4.23-34.el6_5.1 | openldap-debuginfo-2.4.23-34.el6_5.1.s390.rpm |
RedHat | 6 | x86_64 | openldap-servers | < 2.4.23-34.el6_5.1 | openldap-servers-2.4.23-34.el6_5.1.x86_64.rpm |
RedHat | 6 | s390x | openldap-devel | < 2.4.23-34.el6_5.1 | openldap-devel-2.4.23-34.el6_5.1.s390x.rpm |
RedHat | 6 | ppc | openldap | < 2.4.23-34.el6_5.1 | openldap-2.4.23-34.el6_5.1.ppc.rpm |
RedHat | 6 | s390x | openldap-clients | < 2.4.23-34.el6_5.1 | openldap-clients-2.4.23-34.el6_5.1.s390x.rpm |
RedHat | 6 | ppc64 | openldap-clients | < 2.4.23-34.el6_5.1 | openldap-clients-2.4.23-34.el6_5.1.ppc64.rpm |
RedHat | 6 | x86_64 | openldap | < 2.4.23-34.el6_5.1 | openldap-2.4.23-34.el6_5.1.x86_64.rpm |
RedHat | 6 | s390x | openldap | < 2.4.23-34.el6_5.1 | openldap-2.4.23-34.el6_5.1.s390x.rpm |
RedHat | 6 | s390 | openldap | < 2.4.23-34.el6_5.1 | openldap-2.4.23-34.el6_5.1.s390.rpm |