openSUSE Security Update : openldap2 (openSUSE-SU-2011:0359-1)

Master/slave configurations with enabled 'ppolicyforwardupdates' option potentially allowed users to log in with an invalid password CVE-2011-1024. unauthenticated users could crash the ldap server CVE-2011-1081. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...

openSUSE Security Update : openldap2 (openSUSE-SU-2011:0363-1)

Master/slave configurations with enabled 'ppolicyforwardupdates' option potentially allowed users to log in with an invalid password CVE-2011-1024. unauthenticated users could crash the ldap server CVE-2011-1081. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...

Oracle Linux 6 : openldap (ELSA-2011-0347)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0347 advisory. - fix: CVE-2011-1024 ppolicy forwarded bind failure messages cause success Tenable has extracted the preceding description block directly from the Orac...

RedHat Update for openldap RHSA-2011:0347-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for openldap FEDORA-2011-3627

Check for the Version of openldap OpenVAS Vulnerability Test Fedora Update for openldap FEDORA-2011-3627 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for openldap FEDORA-2011-3627

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

openSUSE Security Update : openldap2 (openSUSE-SU-2011:0356-1)

Master/slave configurations with enabled 'ppolicyforwardupdates' option potentially allowed users to log in with an invalid password CVE-2011-1024. unauthenticated users could crash the ldap server CVE-2011-1081. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...

SuSE 11.1 Security Update : OpenLDAP (SAT Patch Number 4086)

The following security issues have been fixed : - Master/slave configurations with enabled 'ppolicyforwardupdates' option potentially allowed users to log in with an invalid password. CVE-2011-1024 - unauthenticated users could crash the ldap server. CVE-2011-1081 %NASLMINLEVEL 70300 C Tenable...

Mandriva Update for openldap MDVSA-2011:056 (openldap)

Check for the Version of openldap OpenVAS Vulnerability Test Mandriva Update for openldap MDVSA-2011:056 openldap Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : openldap, openldap2.3 vulnerabilities (USN-1100-1)

It was discovered that OpenLDAP did not properly check forwarded authentication failures when using a slave server and chain overlay. If OpenLDAP were configured in this manner, an attacker could bypass authentication checks by sending an invalid password to a slave server. CVE-2011-1024 It was...

Ubuntu: Security Advisory (USN-1100-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1100-1: OpenLDAP vulnerabilities

It was discovered that OpenLDAP did not properly check forwarded authentication failures when using a consumer server and chain overlay. If OpenLDAP were configured in this manner, an attacker could bypass authentication checks by sending an invalid password to a consumer server. CVE-2011-1024 It...

[ MDVSA-2011:055 ] openldap

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:055 http://www.mandriva.com/security/ Package : openldap Date : March 30, 2011 Affected: 2009.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been identified and fixed in openldap:...

CVE-2011-1081

OpenLDAP OpenLDAP 2.4.x is affected by CVE-2011-1081 due to a flaw in modrdn.c (slapd) that allows a remote attacker to crash the daemon via a MODRDN request with an empty OldDN value. Impact per the description is a Denial of Service (daemon crash). The issue is tied to OpenLDAP 2.4.x prior to 2...