SUSE CVE-2011-1024

chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicyforwardupdates aka authentication-failure forwarding is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a sla...

Oracle: Security Advisory (ELSA-2011-0346)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : openldap2 (openSUSE-SU-2011:0359-1)

Master/slave configurations with enabled 'ppolicyforwardupdates' option potentially allowed users to log in with an invalid password CVE-2011-1024. unauthenticated users could crash the ldap server CVE-2011-1081. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...

openSUSE Security Update : openldap2 (openSUSE-SU-2011:0363-1)

Master/slave configurations with enabled 'ppolicyforwardupdates' option potentially allowed users to log in with an invalid password CVE-2011-1024. unauthenticated users could crash the ldap server CVE-2011-1081. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...

Oracle Linux 6 : openldap (ELSA-2011-0347)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0347 advisory. - fix: CVE-2011-1024 ppolicy forwarded bind failure messages cause success Tenable has extracted the preceding description block directly from the Orac...

Oracle Linux 5 : openldap (ELSA-2011-0346)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2011-0346 advisory. - fix: CVE-2011-1024 ppolicy forwarded bind failure messages cause success 680484 Tenable has extracted the preceding description block directly from the Oracle...

RedHat Update for openldap RHSA-2011:0347-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for openldap FEDORA-2011-3627

Check for the Version of openldap OpenVAS Vulnerability Test Fedora Update for openldap FEDORA-2011-3627 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for openldap FEDORA-2011-3627

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

openSUSE Security Update : openldap2 (openSUSE-SU-2011:0356-1)

Master/slave configurations with enabled 'ppolicyforwardupdates' option potentially allowed users to log in with an invalid password CVE-2011-1024. unauthenticated users could crash the ldap server CVE-2011-1081. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...

SuSE 11.1 Security Update : OpenLDAP (SAT Patch Number 4086)

The following security issues have been fixed : - Master/slave configurations with enabled 'ppolicyforwardupdates' option potentially allowed users to log in with an invalid password. CVE-2011-1024 - unauthenticated users could crash the ldap server. CVE-2011-1081 %NASLMINLEVEL 70300 C Tenable...

CentOS 5 : openldap (CESA-2011:0346)

Updated openldap packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

compat, openldap security update

CentOS Errata and Security Advisory CESA-2011:0346 Updated openldap packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System...

Mandriva Update for openldap MDVSA-2011:056 (openldap)

Check for the Version of openldap OpenVAS Vulnerability Test Mandriva Update for openldap MDVSA-2011:056 openldap Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Ubuntu: Security Advisory (USN-1100-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : openldap, openldap2.3 vulnerabilities (USN-1100-1)

It was discovered that OpenLDAP did not properly check forwarded authentication failures when using a slave server and chain overlay. If OpenLDAP were configured in this manner, an attacker could bypass authentication checks by sending an invalid password to a slave server. CVE-2011-1024 It was...

USN-1100-1: OpenLDAP vulnerabilities

It was discovered that OpenLDAP did not properly check forwarded authentication failures when using a consumer server and chain overlay. If OpenLDAP were configured in this manner, an attacker could bypass authentication checks by sending an invalid password to a consumer server. CVE-2011-1024 It...

[ MDVSA-2011:055 ] openldap

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:055 http://www.mandriva.com/security/ Package : openldap Date : March 30, 2011 Affected: 2009.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been identified and fixed in openldap:...

CVE-2011-1024

CVE-2011-1024 affects OpenLDAP 2.4.x in chain.c/back-ldap when a master-slave setup with a chain overlay and ppolicy_forward_updates is used. The vulnerability allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server. The descrip...

RedHat Update for openldap RHSA-2011:0346-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...