Oracle Linux 6 : openldap (ELSA-2011-0347)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0347 advisory. - fix: CVE-2011-1024 ppolicy forwarded bind failure messages cause success Tenable has extracted the preceding description block directly from the Orac...

RedHat Update for openldap RHSA-2011:0347-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for openldap FEDORA-2011-3627

Check for the Version of openldap OpenVAS Vulnerability Test Fedora Update for openldap FEDORA-2011-3627 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for openldap FEDORA-2011-3627

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mandriva Update for openldap MDVSA-2011:056 (openldap)

Check for the Version of openldap OpenVAS Vulnerability Test Mandriva Update for openldap MDVSA-2011:056 openldap Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : openldap, openldap2.3 vulnerabilities (USN-1100-1)

It was discovered that OpenLDAP did not properly check forwarded authentication failures when using a slave server and chain overlay. If OpenLDAP were configured in this manner, an attacker could bypass authentication checks by sending an invalid password to a slave server. CVE-2011-1024 It was...

Ubuntu: Security Advisory (USN-1100-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1100-1: OpenLDAP vulnerabilities

It was discovered that OpenLDAP did not properly check forwarded authentication failures when using a consumer server and chain overlay. If OpenLDAP were configured in this manner, an attacker could bypass authentication checks by sending an invalid password to a consumer server. CVE-2011-1024 It...

CVE-2011-1025

OpenLDAP 2.4.x with the back-ndb backend is vulnerable to CVE-2011-1025: bind.cpp in back-ndb allows remote attackers to bypass access restrictions by supplying any password when binding as the root DN, without authentication. Affected: OpenLDAP 2.4.x before 2.4.24. Impact: possible unauthorized ...

openldap security update

2.4.19-15.2 - fix: security - DoS when submitting special MODRDN request 680975 2.4.19-15.1 - fix: CVE-2011-1024 ppolicy forwarded bind failure messages cause success - fix: CVE-2011-1025 rootpw is not verified for ndb backend...