16 matches found
SUSE CVE-2006-4600
slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List ACL privileges to modify arbitrary Distinguished Names DN...
Oracle Linux 4 : openldap (ELSA-2007-0310)
From Red Hat Security Advisory 2007:0310 : A updated openldap packages that fix a security flaw is now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. OpenLDAP is an open source suite of LDAP Lightweight...
CentOS 4 : gdm / openldap (CESA-2007:0310)
A updated openldap packages that fix a security flaw is now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and...
Scientific Linux Security Update : openldap on SL4.x i386/x86_64
A flaw was found in the way OpenLDAP handled selfwrite access. Users with selfwrite access were able to modify the distinguished name of any user. CVE-2006-4600 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'deprecatednasllevel.inc';...
Scientific Linux Security Update : openldap on SL3.x i386/x86_64
A flaw was found in the way OpenLDAP handled selfwrite access. Users with selfwrite access were able to modify the distinguished name of any user. Users with selfwrite access should only be able to modify their own distinguished name. CVE-2006-4600 A memory leak bug was found in OpenLDAP's...
openldap security update
CentOS Errata and Security Advisory CESA-2007:0430 A updated openldap packages that fix a security flaw and a memory leak bug are now available for Red Hat Enterprise Linux 3. This update has been rated as having low security impact by the Red Hat Security Response Team. OpenLDAP is an open sourc...
security flaw
slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List ACL privileges to modify arbitrary Distinguished Names DN...
Low: Red Hat Security Advisory: openldap security and bug-fix update
A updated openldap packages that fix a security flaw and a memory leak bug are now available for Red Hat Enterprise Linux 3. This update has been rated as having low security impact by the Red Hat Security Response Team. OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protoc...
Low: openldap security update
2.3.13-7.4E - include the -selfwrite patch to close Resolves: rhbz205826: CVE-2006-4600 openldap improper selfwrite access...
compat, gdm, openldap security update
CentOS Errata and Security Advisory CESA-2007:0310 A updated openldap packages that fix a security flaw is now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. OpenLDAP is an open source suite of LDAP...
Low: Red Hat Security Advisory: openldap security update
A updated openldap packages that fix a security flaw is now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and...
security flaw
slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List ACL privileges to modify arbitrary Distinguished Names DN...
FreeBSD : openldap -- slapd acl selfwrite Security Issue (ae7124ff-547c-11db-8f1a-000a48049292)
Howard Chu reports : An ACL of the form 'access to dn.subtree='ou=groups, dc=example,dc=com' attr=member by selfwrite' is intended to only allow users to add/delete their own DN to the target attribute. Currently it allows any DNs to be modified. %NASLMINLEVEL 70300 C Tenable Network Security, In...
CVE-2006-4600
slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List ACL privileges to modify arbitrary Distinguished Names DN...
OpenLDAP privilege escalation
User with 'selfwrite' ACL parameter can modify any attributes...
openldap -- slapd acl selfwrite Security Issue
Howard Chu reports: An ACL of the form 'access to dn.subtree="ou=groups, dc=example,dc=com" attr=member by selfwrite' is intended to only allow users to add/delete their own DN to the target attribute. Currently it allows any DNs to be modified...