[SA21721] OpenLDAP slapd "selfwrite" Security Issue

TITLE: OpenLDAP slapd "selfwrite" Security Issue SECUNIA ADVISORY ID: SA21721 VERIFY ADVISORY: http://secunia.com/advisories/21721/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: From remote SOFTWARE: OpenLDAP 2.3.x http://secunia.com/product/5943/ DESCRIPTION: Howard Chu has reported a...

openldap -- slapd acl selfwrite Security Issue

Howard Chu reports: An ACL of the form 'access to dn.subtree="ou=groups, dc=example,dc=com" attr=member by selfwrite' is intended to only allow users to add/delete their own DN to the target attribute. Currently it allows any DNs to be modified...