{"cve": [{"lastseen": "2017-08-17T10:42:43", "bulletinFamily": "NVD", "description": "modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service (daemon crash) via a relative Distinguished Name (DN) modification request (aka MODRDN operation) that contains an empty value for the OldDN field.", "modified": "2017-08-16T21:33:49", "published": "2011-03-19T22:00:04", "id": "CVE-2011-1081", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1081", "title": "CVE-2011-1081", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-04-18T15:52:55", "bulletinFamily": "NVD", "description": "chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server.", "modified": "2017-01-06T21:59:03", "published": "2011-03-19T22:00:03", "id": "CVE-2011-1024", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1024", "title": "CVE-2011-1024", "type": "cve", "cvss": {"score": 4.6, "vector": "AV:NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-01-16T20:19:03", "bulletinFamily": "scanner", "description": "Master/slave configurations with enabled 'ppolicy_forward_updates'\noption potentially allowed users to log in with an invalid password\n(CVE-2011-1024).\n\nunauthenticated users could crash the ldap server (CVE-2011-1081).", "modified": "2018-11-10T00:00:00", "published": "2014-06-13T00:00:00", "id": "SUSE_11_3_OPENLDAP2-110303.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=75686", "title": "openSUSE Security Update : openldap2 (openSUSE-SU-2011:0359-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openldap2-4084.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75686);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/10 11:49:59\");\n\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1081\");\n\n script_name(english:\"openSUSE Security Update : openldap2 (openSUSE-SU-2011:0359-1)\");\n script_summary(english:\"Check for the openldap2-4084 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Master/slave configurations with enabled 'ppolicy_forward_updates'\noption potentially allowed users to log in with an invalid password\n(CVE-2011-1024).\n\nunauthenticated users could crash the ldap server (CVE-2011-1081).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=620389\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=624980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=674985\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-04/msg00055.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openldap2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-back-meta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-back-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"openldap2-2.4.21-10.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"openldap2-back-meta-2.4.21-10.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"openldap2-back-perl-2.4.21-10.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openldap2 / openldap2-back-meta / openldap2-back-perl\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:11:59", "bulletinFamily": "scanner", "description": "The following security issues have been fixed :\n\n - Master/slave configurations with enabled\n 'ppolicy_forward_updates' option potentially allowed\n users to log in with an invalid password.\n (CVE-2011-1024)\n\n - unauthenticated users could crash the ldap server.\n (CVE-2011-1081)", "modified": "2013-10-25T00:00:00", "published": "2011-04-19T00:00:00", "id": "SUSE_11_COMPAT-LIBLDAP-2_3-0-110303.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=53484", "title": "SuSE 11.1 Security Update : OpenLDAP (SAT Patch Number 4086)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53484);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2013/10/25 23:41:52 $\");\n\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1081\");\n\n script_name(english:\"SuSE 11.1 Security Update : OpenLDAP (SAT Patch Number 4086)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following security issues have been fixed :\n\n - Master/slave configurations with enabled\n 'ppolicy_forward_updates' option potentially allowed\n users to log in with an invalid password.\n (CVE-2011-1024)\n\n - unauthenticated users could crash the ldap server.\n (CVE-2011-1081)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=674985\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1024.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1081.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 4086.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:compat-libldap-2_3-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:openldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:openldap2-back-meta\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"compat-libldap-2_3-0-2.3.37-0.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"openldap2-2.4.20-0.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"openldap2-back-meta-2.4.20-0.11.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:19:09", "bulletinFamily": "scanner", "description": "Master/slave configurations with enabled 'ppolicy_forward_updates'\noption potentially allowed users to log in with an invalid password\n(CVE-2011-1024).\n\nunauthenticated users could crash the ldap server (CVE-2011-1081).", "modified": "2018-11-10T00:00:00", "published": "2014-06-13T00:00:00", "id": "SUSE_11_4_OPENLDAP2-110304.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=75981", "title": "openSUSE Security Update : openldap2 (openSUSE-SU-2011:0363-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openldap2-4093.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75981);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/10 11:50:00\");\n\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1081\");\n\n script_name(english:\"openSUSE Security Update : openldap2 (openSUSE-SU-2011:0363-1)\");\n script_summary(english:\"Check for the openldap2-4093 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Master/slave configurations with enabled 'ppolicy_forward_updates'\noption potentially allowed users to log in with an invalid password\n(CVE-2011-1024).\n\nunauthenticated users could crash the ldap server (CVE-2011-1081).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=648479\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=674985\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-04/msg00059.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openldap2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-back-meta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-back-meta-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-back-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-back-perl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-back-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-back-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"openldap2-2.4.23-11.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"openldap2-back-meta-2.4.23-11.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"openldap2-back-meta-debuginfo-2.4.23-11.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"openldap2-back-perl-2.4.23-11.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"openldap2-back-perl-debuginfo-2.4.23-11.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"openldap2-back-sql-2.4.23-11.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"openldap2-back-sql-debuginfo-2.4.23-11.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"openldap2-debuginfo-2.4.23-11.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"openldap2-debugsource-2.4.23-11.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openldap2 / openldap2-back-meta / openldap2-back-perl / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:11:56", "bulletinFamily": "scanner", "description": "Multiple vulnerabilities has been identified and fixed in openldap :\n\nchain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a\nmaster-slave configuration with a chain overlay and\nppolicy_forward_updates (aka authentication-failure forwarding) is\nused, allows remote authenticated users to bypass external-program\nauthentication by sending an invalid password to a slave server\n(CVE-2011-1024).\n\nmodrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote\nattackers to cause a denial of service (daemon crash) via a relative\nDistinguished Name (DN) modification request (aka MODRDN operation)\nthat contains an empty value for the OldDN field (CVE-2011-1081).\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been patched to correct these issues.", "modified": "2019-01-02T00:00:00", "published": "2011-03-31T00:00:00", "id": "MANDRIVA_MDVSA-2011-055.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=53226", "title": "Mandriva Linux Security Advisory : openldap (MDVSA-2011:055)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:055. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53226);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/01/02 16:37:54\");\n\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1081\");\n script_bugtraq_id(46363, 46831);\n script_xref(name:\"MDVSA\", value:\"2011:055\");\n\n script_name(english:\"Mandriva Linux Security Advisory : openldap (MDVSA-2011:055)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been identified and fixed in openldap :\n\nchain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a\nmaster-slave configuration with a chain overlay and\nppolicy_forward_updates (aka authentication-failure forwarding) is\nused, allows remote authenticated users to bypass external-program\nauthentication by sending an invalid password to a slave server\n(CVE-2011-1024).\n\nmodrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote\nattackers to cause a denial of service (daemon crash) via a relative\nDistinguished Name (DN) modification request (aka MODRDN operation)\nthat contains an empty value for the OldDN field (CVE-2011-1081).\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ldap2.4_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ldap2.4_2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ldap2.4_2-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libldap2.4_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libldap2.4_2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libldap2.4_2-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openldap-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openldap-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openldap-servers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openldap-testprogs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openldap-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64ldap2.4_2-2.4.11-3.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64ldap2.4_2-devel-2.4.11-3.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64ldap2.4_2-static-devel-2.4.11-3.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libldap2.4_2-2.4.11-3.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libldap2.4_2-devel-2.4.11-3.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libldap2.4_2-static-devel-2.4.11-3.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"openldap-2.4.11-3.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"openldap-clients-2.4.11-3.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"openldap-doc-2.4.11-3.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"openldap-servers-2.4.11-3.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"openldap-testprogs-2.4.11-3.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"openldap-tests-2.4.11-3.4mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:12:07", "bulletinFamily": "scanner", "description": "Master/slave configurations with enabled 'ppolicy_forward_updates'\noption potentially allowed users to log in with an invalid password\n(CVE-2011-1024).\n\nunauthenticated users could crash the ldap server (CVE-2011-1081).", "modified": "2018-11-10T00:00:00", "published": "2011-05-05T00:00:00", "id": "SUSE_11_2_OPENLDAP2-110303.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=53783", "title": "openSUSE Security Update : openldap2 (openSUSE-SU-2011:0356-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openldap2-4083.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53783);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/11/10 11:49:59\");\n\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1081\");\n\n script_name(english:\"openSUSE Security Update : openldap2 (openSUSE-SU-2011:0356-1)\");\n script_summary(english:\"Check for the openldap2-4083 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Master/slave configurations with enabled 'ppolicy_forward_updates'\noption potentially allowed users to log in with an invalid password\n(CVE-2011-1024).\n\nunauthenticated users could crash the ldap server (CVE-2011-1081).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=674985\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-04/msg00052.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openldap2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-back-meta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-back-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"openldap2-2.4.17-5.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"openldap2-back-meta-2.4.17-5.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"openldap2-back-perl-2.4.17-5.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openldap2 / openldap2-back-meta / openldap2-back-perl\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:11:53", "bulletinFamily": "scanner", "description": "Updated openldap packages that fix three security issues are now available\n for Red Hat Enterprise Linux 6.\n\n The Red Hat Security Response Team has rated this update as having moderate\n security impact. Common Vulnerability Scoring System (CVSS) base scores,\n which give detailed severity ratings, are available for each vulnerability\n from the CVE links in the References section.\n\n OpenLDAP is an open source suite of LDAP (Lightweight Directory Access\n Protocol) applications and development tools.\n\n A flaw was found in the way OpenLDAP handled authentication failures being\n passed from an OpenLDAP slave to the master. If OpenLDAP was configured\n with a chain overlay and it forwarded authentication failures, OpenLDAP\n would bind to the directory as an anonymous user and return success, rather\n than return failure on the authenticated bind. This could allow a user on a\n system that uses LDAP for authentication to log into a directory-based\n account without knowing the password. (CVE-2011-1024)\n\n It was found that the OpenLDAP back-ndb back end allowed successful\n authentication to the root distinguished name (DN) when any string was\n provided as a password. A remote user could use this flaw to access an\n OpenLDAP directory if they knew the value of the root DN. Note: This issue\n only affected OpenLDAP installations using the NDB back-end, which is only\n available for Red Hat Enterprise Linux 6 via third-party software.\n (CVE-2011-1025)\n\n A flaw was found in the way OpenLDAP handled modify relative distinguished\n name (modrdn) requests. A remote, unauthenticated user could use this flaw\n to crash an OpenLDAP server via a modrdn request containing an empty old\n RDN value. (CVE-2011-1081)\n\n Users of OpenLDAP should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing this update,\n the OpenLDAP daemons will be restarted automatically.", "modified": "2018-09-17T00:00:00", "published": "2011-03-11T00:00:00", "id": "REDHAT-RHSA-2011-0347.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=52628", "title": "RHSA-2011-0347: compat-openldap", "type": "nessus", "sourceData": "\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text of this plugin is (C) Red Hat Inc.\n#\n\ninclude(\"compat.inc\");\nif ( ! defined_func(\"bn_random\") ) exit(0);\n\nif(description)\n{\n script_id(52628);\n script_version (\"1.5\");\n\n script_name(english: \"RHSA-2011-0347: compat-openldap\");\n script_set_attribute(attribute: \"synopsis\", value: \n\"The remote host is missing the patch for the advisory RHSA-2011-0347\");\n script_set_attribute(attribute: \"description\", value: '\n Updated openldap packages that fix three security issues are now available\n for Red Hat Enterprise Linux 6.\n\n The Red Hat Security Response Team has rated this update as having moderate\n security impact. Common Vulnerability Scoring System (CVSS) base scores,\n which give detailed severity ratings, are available for each vulnerability\n from the CVE links in the References section.\n\n OpenLDAP is an open source suite of LDAP (Lightweight Directory Access\n Protocol) applications and development tools.\n\n A flaw was found in the way OpenLDAP handled authentication failures being\n passed from an OpenLDAP slave to the master. If OpenLDAP was configured\n with a chain overlay and it forwarded authentication failures, OpenLDAP\n would bind to the directory as an anonymous user and return success, rather\n than return failure on the authenticated bind. This could allow a user on a\n system that uses LDAP for authentication to log into a directory-based\n account without knowing the password. (CVE-2011-1024)\n\n It was found that the OpenLDAP back-ndb back end allowed successful\n authentication to the root distinguished name (DN) when any string was\n provided as a password. A remote user could use this flaw to access an\n OpenLDAP directory if they knew the value of the root DN. Note: This issue\n only affected OpenLDAP installations using the NDB back-end, which is only\n available for Red Hat Enterprise Linux 6 via third-party software.\n (CVE-2011-1025)\n\n A flaw was found in the way OpenLDAP handled modify relative distinguished\n name (modrdn) requests. A remote, unauthenticated user could use this flaw\n to crash an OpenLDAP server via a modrdn request containing an empty old\n RDN value. (CVE-2011-1081)\n\n Users of OpenLDAP should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing this update,\n the OpenLDAP daemons will be restarted automatically.\n\n\n');\nscript_set_attribute(attribute: \"see_also\", value: \"http://rhn.redhat.com/errata/RHSA-2011-0347.html\");\n script_set_attribute(attribute: \"solution\", value: \"Update the affected package(s) using, for example, 'yum update'.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\nscript_set_attribute(attribute: \"plugin_type\", value: \"local\");\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2011/03/11\");\n script_cvs_date(\"Date: 2018/09/17 21:46:53\");\n\nscript_end_attributes();\n\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1025\", \"CVE-2011-1081\");\nscript_summary(english: \"Check for the version of the compat-openldap packages\");\n \n script_category(ACT_GATHER_INFO);\n \n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n script_family(english: \"Red Hat Local Security Checks\");\n script_dependencies(\"ssh_get_info.nasl\");\n \n script_require_keys(\"Host/RedHat/rpm-list\");\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif ( ! get_kb_item(\"Host/RedHat/rpm-list\") ) exit(1, \"Could not get the list of packages\");\n\nflag = 0;\n\n#if ( rpm_check( reference:\"compat-openldap-2.4.19_2.3.43-15.el6_0.2\", release:'RHEL6') ) flag ++;\nif ( rpm_check( reference:\"openldap-2.4.19-15.el6_0.2\", release:'RHEL6') ) flag ++;\nif ( rpm_check( reference:\"openldap-clients-2.4.19-15.el6_0.2\", release:'RHEL6') ) flag ++;\nif ( rpm_check( reference:\"openldap-debuginfo-2.4.19-15.el6_0.2\", release:'RHEL6') ) flag ++;\nif ( rpm_check( reference:\"openldap-devel-2.4.19-15.el6_0.2\", release:'RHEL6') ) flag ++;\nif ( rpm_check( reference:\"openldap-servers-2.4.19-15.el6_0.2\", release:'RHEL6') ) flag ++;\nif ( rpm_check( reference:\"openldap-servers-sql-2.4.19-15.el6_0.2\", release:'RHEL6') ) flag ++;\nif (flag)\n{\n security_warning(port:0, extra:rpm_report_get());\n exit(0);\n}\nexit(0, \"Host is not affected\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:14:24", "bulletinFamily": "scanner", "description": "A flaw was found in the way OpenLDAP handled authentication failures\nbeing passed from an OpenLDAP slave to the master. If OpenLDAP was\nconfigured with a chain overlay and it forwarded authentication\nfailures, OpenLDAP would bind to the directory as an anonymous user\nand return success, rather than return failure on the authenticated\nbind. This could allow a user on a system that uses LDAP for\nauthentication to log into a directory-based account without knowing\nthe password. (CVE-2011-1024)\n\nIt was found that the OpenLDAP back-ndb back end allowed successful\nauthentication to the root distinguished name (DN) when any string was\nprovided as a password. A remote user could use this flaw to access an\nOpenLDAP directory if they knew the value of the root DN. Note: This\nissue only affected OpenLDAP installations using the NDB back-end,\nwhich is only available for Scientific Linux 6 via third-party\nsoftware. (CVE-2011-1025)\n\nA flaw was found in the way OpenLDAP handled modify relative\ndistinguished name (modrdn) requests. A remote, unauthenticated user\ncould use this flaw to crash an OpenLDAP server via a modrdn request\ncontaining an empty old RDN value. (CVE-2011-1081)\n\nAfter installing this update, the OpenLDAP daemons will be restarted\nautomatically.", "modified": "2018-12-31T00:00:00", "published": "2012-08-01T00:00:00", "id": "SL_20110310_OPENLDAP_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=60988", "title": "Scientific Linux Security Update : openldap on SL6.x i386/x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60988);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/12/31 11:35:00\");\n\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1025\", \"CVE-2011-1081\");\n\n script_name(english:\"Scientific Linux Security Update : openldap on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way OpenLDAP handled authentication failures\nbeing passed from an OpenLDAP slave to the master. If OpenLDAP was\nconfigured with a chain overlay and it forwarded authentication\nfailures, OpenLDAP would bind to the directory as an anonymous user\nand return success, rather than return failure on the authenticated\nbind. This could allow a user on a system that uses LDAP for\nauthentication to log into a directory-based account without knowing\nthe password. (CVE-2011-1024)\n\nIt was found that the OpenLDAP back-ndb back end allowed successful\nauthentication to the root distinguished name (DN) when any string was\nprovided as a password. A remote user could use this flaw to access an\nOpenLDAP directory if they knew the value of the root DN. Note: This\nissue only affected OpenLDAP installations using the NDB back-end,\nwhich is only available for Scientific Linux 6 via third-party\nsoftware. (CVE-2011-1025)\n\nA flaw was found in the way OpenLDAP handled modify relative\ndistinguished name (modrdn) requests. A remote, unauthenticated user\ncould use this flaw to crash an OpenLDAP server via a modrdn request\ncontaining an empty old RDN value. (CVE-2011-1081)\n\nAfter installing this update, the OpenLDAP daemons will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1103&L=scientific-linux-errata&T=0&P=8784\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d81c9531\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_exists(rpm:\"compat-openldap-2.4\", release:\"SL6\") && rpm_check(release:\"SL6\", reference:\"compat-openldap-2.4.19_2.3.43-15.el6_0.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openldap-2.4.19-15.el6_0.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openldap-clients-2.4.19-15.el6_0.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openldap-devel-2.4.19-15.el6_0.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openldap-servers-2.4.19-15.el6_0.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openldap-servers-sql-2.4.19-15.el6_0.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:16:41", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2011:0346 :\n\nUpdated openldap packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nOpenLDAP is an open source suite of LDAP (Lightweight Directory Access\nProtocol) applications and development tools.\n\nA flaw was found in the way OpenLDAP handled authentication failures\nbeing passed from an OpenLDAP slave to the master. If OpenLDAP was\nconfigured with a chain overlay and it forwarded authentication\nfailures, OpenLDAP would bind to the directory as an anonymous user\nand return success, rather than return failure on the authenticated\nbind. This could allow a user on a system that uses LDAP for\nauthentication to log into a directory-based account without knowing\nthe password. (CVE-2011-1024)\n\nThis update also fixes the following bug :\n\n* Previously, multiple concurrent connections to an OpenLDAP server\ncould cause the slapd service to terminate unexpectedly with an\nassertion error. This update adds mutexes to protect multiple threads\nfrom accessing a structure with a connection, and the slapd service no\nlonger crashes. (BZ#677611)\n\nUsers of OpenLDAP should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthis update, the OpenLDAP daemons will be restarted automatically.", "modified": "2018-07-18T00:00:00", "published": "2013-07-12T00:00:00", "id": "ORACLELINUX_ELSA-2011-0346.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=68228", "title": "Oracle Linux 5 : openldap (ELSA-2011-0346)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0346 and \n# Oracle Linux Security Advisory ELSA-2011-0346 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68228);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/07/18 17:43:56\");\n\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1025\", \"CVE-2011-1081\");\n script_xref(name:\"RHSA\", value:\"2011:0346\");\n\n script_name(english:\"Oracle Linux 5 : openldap (ELSA-2011-0346)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0346 :\n\nUpdated openldap packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nOpenLDAP is an open source suite of LDAP (Lightweight Directory Access\nProtocol) applications and development tools.\n\nA flaw was found in the way OpenLDAP handled authentication failures\nbeing passed from an OpenLDAP slave to the master. If OpenLDAP was\nconfigured with a chain overlay and it forwarded authentication\nfailures, OpenLDAP would bind to the directory as an anonymous user\nand return success, rather than return failure on the authenticated\nbind. This could allow a user on a system that uses LDAP for\nauthentication to log into a directory-based account without knowing\nthe password. (CVE-2011-1024)\n\nThis update also fixes the following bug :\n\n* Previously, multiple concurrent connections to an OpenLDAP server\ncould cause the slapd service to terminate unexpectedly with an\nassertion error. This update adds mutexes to protect multiple threads\nfrom accessing a structure with a connection, and the slapd service no\nlonger crashes. (BZ#677611)\n\nUsers of OpenLDAP should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthis update, the OpenLDAP daemons will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-March/001996.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openldap packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:compat-openldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openldap-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openldap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openldap-servers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openldap-servers-overlays\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openldap-servers-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"compat-openldap-2.3.43_2.2.29-12.el5_6.7\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"openldap-2.3.43-12.el5_6.7\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"openldap-clients-2.3.43-12.el5_6.7\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"openldap-devel-2.3.43-12.el5_6.7\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"openldap-servers-2.3.43-12.el5_6.7\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"openldap-servers-overlays-2.3.43-12.el5_6.7\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"openldap-servers-sql-2.3.43-12.el5_6.7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"compat-openldap / openldap / openldap-clients / openldap-devel / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:11:57", "bulletinFamily": "scanner", "description": "It was discovered that OpenLDAP did not properly check forwarded\nauthentication failures when using a slave server and chain overlay.\nIf OpenLDAP were configured in this manner, an attacker could bypass\nauthentication checks by sending an invalid password to a slave\nserver. (CVE-2011-1024)\n\nIt was discovered that OpenLDAP did not properly perform\nauthentication checks to the rootdn when using the back-ndb backend.\nAn attacker could exploit this to access the directory by sending an\narbitrary password. Ubuntu does not ship OpenLDAP with back-ndb\nsupport by default. This issue did not affect Ubuntu 8.04 LTS.\n(CVE-2011-1025)\n\nIt was discovered that OpenLDAP did not properly validate modrdn\nrequests. An unauthenticated remote user could use this to cause a\ndenial of service via application crash. (CVE-2011-1081).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2018-12-01T00:00:00", "published": "2011-04-01T00:00:00", "id": "UBUNTU_USN-1100-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=53257", "title": "Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : openldap, openldap2.3 vulnerabilities (USN-1100-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1100-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53257);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/12/01 13:19:06\");\n\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1025\", \"CVE-2011-1081\");\n script_bugtraq_id(46363, 46831);\n script_xref(name:\"USN\", value:\"1100-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : openldap, openldap2.3 vulnerabilities (USN-1100-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that OpenLDAP did not properly check forwarded\nauthentication failures when using a slave server and chain overlay.\nIf OpenLDAP were configured in this manner, an attacker could bypass\nauthentication checks by sending an invalid password to a slave\nserver. (CVE-2011-1024)\n\nIt was discovered that OpenLDAP did not properly perform\nauthentication checks to the rootdn when using the back-ndb backend.\nAn attacker could exploit this to access the directory by sending an\narbitrary password. Ubuntu does not ship OpenLDAP with back-ndb\nsupport by default. This issue did not affect Ubuntu 8.04 LTS.\n(CVE-2011-1025)\n\nIt was discovered that OpenLDAP did not properly validate modrdn\nrequests. An unauthenticated remote user could use this to cause a\ndenial of service via application crash. (CVE-2011-1081).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1100-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ldap-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libldap-2.4-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libldap-2.4-2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libldap2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:slapd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:slapd-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.04|9\\.10|10\\.04|10\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 9.10 / 10.04 / 10.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"ldap-utils\", pkgver:\"2.4.9-0ubuntu0.8.04.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libldap-2.4-2\", pkgver:\"2.4.9-0ubuntu0.8.04.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libldap-2.4-2-dbg\", pkgver:\"2.4.9-0ubuntu0.8.04.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libldap2-dev\", pkgver:\"2.4.9-0ubuntu0.8.04.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"slapd\", pkgver:\"2.4.9-0ubuntu0.8.04.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"slapd-dbg\", pkgver:\"2.4.9-0ubuntu0.8.04.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"ldap-utils\", pkgver:\"2.4.18-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libldap-2.4-2\", pkgver:\"2.4.18-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libldap-2.4-2-dbg\", pkgver:\"2.4.18-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libldap2-dev\", pkgver:\"2.4.18-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"slapd\", pkgver:\"2.4.18-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"slapd-dbg\", pkgver:\"2.4.18-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"ldap-utils\", pkgver:\"2.4.21-0ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libldap-2.4-2\", pkgver:\"2.4.21-0ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libldap-2.4-2-dbg\", pkgver:\"2.4.21-0ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libldap2-dev\", pkgver:\"2.4.21-0ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"slapd\", pkgver:\"2.4.21-0ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"slapd-dbg\", pkgver:\"2.4.21-0ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"ldap-utils\", pkgver:\"2.4.23-0ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libldap-2.4-2\", pkgver:\"2.4.23-0ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libldap-2.4-2-dbg\", pkgver:\"2.4.23-0ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libldap2-dev\", pkgver:\"2.4.23-0ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"slapd\", pkgver:\"2.4.23-0ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"slapd-dbg\", pkgver:\"2.4.23-0ubuntu3.5\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ldap-utils / libldap-2.4-2 / libldap-2.4-2-dbg / libldap2-dev / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:11:53", "bulletinFamily": "scanner", "description": "Updated openldap packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nOpenLDAP is an open source suite of LDAP (Lightweight Directory Access\nProtocol) applications and development tools.\n\nA flaw was found in the way OpenLDAP handled authentication failures\nbeing passed from an OpenLDAP slave to the master. If OpenLDAP was\nconfigured with a chain overlay and it forwarded authentication\nfailures, OpenLDAP would bind to the directory as an anonymous user\nand return success, rather than return failure on the authenticated\nbind. This could allow a user on a system that uses LDAP for\nauthentication to log into a directory-based account without knowing\nthe password. (CVE-2011-1024)\n\nThis update also fixes the following bug :\n\n* Previously, multiple concurrent connections to an OpenLDAP server\ncould cause the slapd service to terminate unexpectedly with an\nassertion error. This update adds mutexes to protect multiple threads\nfrom accessing a structure with a connection, and the slapd service no\nlonger crashes. (BZ#677611)\n\nUsers of OpenLDAP should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthis update, the OpenLDAP daemons will be restarted automatically.", "modified": "2018-11-26T00:00:00", "published": "2011-03-11T00:00:00", "id": "REDHAT-RHSA-2011-0346.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=52627", "title": "RHEL 5 : openldap (RHSA-2011:0346)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0346. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(52627);\n script_version (\"1.16\");\n script_cvs_date(\"Date: 2018/11/26 11:02:14\");\n\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1025\", \"CVE-2011-1081\");\n script_xref(name:\"RHSA\", value:\"2011:0346\");\n\n script_name(english:\"RHEL 5 : openldap (RHSA-2011:0346)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openldap packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nOpenLDAP is an open source suite of LDAP (Lightweight Directory Access\nProtocol) applications and development tools.\n\nA flaw was found in the way OpenLDAP handled authentication failures\nbeing passed from an OpenLDAP slave to the master. If OpenLDAP was\nconfigured with a chain overlay and it forwarded authentication\nfailures, OpenLDAP would bind to the directory as an anonymous user\nand return success, rather than return failure on the authenticated\nbind. This could allow a user on a system that uses LDAP for\nauthentication to log into a directory-based account without knowing\nthe password. (CVE-2011-1024)\n\nThis update also fixes the following bug :\n\n* Previously, multiple concurrent connections to an OpenLDAP server\ncould cause the slapd service to terminate unexpectedly with an\nassertion error. This update adds mutexes to protect multiple threads\nfrom accessing a structure with a connection, and the slapd service no\nlonger crashes. (BZ#677611)\n\nUsers of OpenLDAP should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthis update, the OpenLDAP daemons will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1024\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0346\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:compat-openldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openldap-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openldap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openldap-servers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openldap-servers-overlays\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openldap-servers-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:0346\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"compat-openldap-2.3.43_2.2.29-12.el5_6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"openldap-2.3.43-12.el5_6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"openldap-clients-2.3.43-12.el5_6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"openldap-clients-2.3.43-12.el5_6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"openldap-clients-2.3.43-12.el5_6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"openldap-devel-2.3.43-12.el5_6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"openldap-servers-2.3.43-12.el5_6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"openldap-servers-2.3.43-12.el5_6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"openldap-servers-2.3.43-12.el5_6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"openldap-servers-overlays-2.3.43-12.el5_6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"openldap-servers-overlays-2.3.43-12.el5_6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"openldap-servers-overlays-2.3.43-12.el5_6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"openldap-servers-sql-2.3.43-12.el5_6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"openldap-servers-sql-2.3.43-12.el5_6.7\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"openldap-servers-sql-2.3.43-12.el5_6.7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"compat-openldap / openldap / openldap-clients / openldap-devel / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2018-11-19T13:07:24", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2011-04-01T00:00:00", "id": "OPENVAS:1361412562310831356", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831356", "title": "Mandriva Update for openldap MDVSA-2011:055 (openldap)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for openldap MDVSA-2011:055 (openldap)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-03/msg00014.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831356\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-01 15:34:04 +0200 (Fri, 01 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"MDVSA\", value:\"2011:055\");\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1081\");\n script_name(\"Mandriva Update for openldap MDVSA-2011:055 (openldap)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openldap'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2009\\.0)\");\n script_tag(name:\"affected\", value:\"openldap on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities has been identified and fixed in openldap:\n\n chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24,\n when a master-slave configuration with a chain overlay and\n ppolicy_forward_updates (aka authentication-failure forwarding) is\n used, allows remote authenticated users to bypass external-program\n authentication by sending an invalid password to a slave server\n (CVE-2011-1024).\n\n modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote\n attackers to cause a denial of service (daemon crash) via a relative\n Distinguished Name (DN) modification request (aka MODRDN operation)\n that contains an empty value for the OldDN field (CVE-2011-1081).\n\n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. The updated packages have been patched to correct these issues.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2\", rpm:\"libldap2.4_2~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2-devel\", rpm:\"libldap2.4_2-devel~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2-static-devel\", rpm:\"libldap2.4_2-static-devel~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-clients\", rpm:\"openldap-clients~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-doc\", rpm:\"openldap-doc~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers\", rpm:\"openldap-servers~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-testprogs\", rpm:\"openldap-testprogs~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-tests\", rpm:\"openldap-tests~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2\", rpm:\"lib64ldap2.4_2~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2-devel\", rpm:\"lib64ldap2.4_2-devel~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2-static-devel\", rpm:\"lib64ldap2.4_2-static-devel~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2\", rpm:\"libldap2.4_2~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2-devel\", rpm:\"libldap2.4_2-devel~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2-static-devel\", rpm:\"libldap2.4_2-static-devel~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-clients\", rpm:\"openldap-clients~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-doc\", rpm:\"openldap-doc~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers\", rpm:\"openldap-servers~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-testprogs\", rpm:\"openldap-testprogs~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-tests\", rpm:\"openldap-tests~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2\", rpm:\"lib64ldap2.4_2~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2-devel\", rpm:\"lib64ldap2.4_2-devel~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2-static-devel\", rpm:\"lib64ldap2.4_2-static-devel~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:55:43", "bulletinFamily": "scanner", "description": "Check for the Version of openldap", "modified": "2017-07-06T00:00:00", "published": "2011-04-01T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=831356", "id": "OPENVAS:831356", "title": "Mandriva Update for openldap MDVSA-2011:055 (openldap)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for openldap MDVSA-2011:055 (openldap)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been identified and fixed in openldap:\n\n chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24,\n when a master-slave configuration with a chain overlay and\n ppolicy_forward_updates (aka authentication-failure forwarding) is\n used, allows remote authenticated users to bypass external-program\n authentication by sending an invalid password to a slave server\n (CVE-2011-1024).\n \n modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote\n attackers to cause a denial of service (daemon crash) via a relative\n Distinguished Name (DN) modification request (aka MODRDN operation)\n that contains an empty value for the OldDN field (CVE-2011-1081).\n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\n \n The updated packages have been patched to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"openldap on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-03/msg00014.php\");\n script_id(831356);\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-01 15:34:04 +0200 (Fri, 01 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2011:055\");\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1081\");\n script_name(\"Mandriva Update for openldap MDVSA-2011:055 (openldap)\");\n\n script_summary(\"Check for the Version of openldap\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2\", rpm:\"libldap2.4_2~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2-devel\", rpm:\"libldap2.4_2-devel~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2-static-devel\", rpm:\"libldap2.4_2-static-devel~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-clients\", rpm:\"openldap-clients~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-doc\", rpm:\"openldap-doc~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers\", rpm:\"openldap-servers~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-testprogs\", rpm:\"openldap-testprogs~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-tests\", rpm:\"openldap-tests~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2\", rpm:\"lib64ldap2.4_2~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2-devel\", rpm:\"lib64ldap2.4_2-devel~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2-static-devel\", rpm:\"lib64ldap2.4_2-static-devel~2.4.11~3.4mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2\", rpm:\"libldap2.4_2~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2-devel\", rpm:\"libldap2.4_2-devel~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2-static-devel\", rpm:\"libldap2.4_2-static-devel~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-clients\", rpm:\"openldap-clients~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-doc\", rpm:\"openldap-doc~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers\", rpm:\"openldap-servers~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-testprogs\", rpm:\"openldap-testprogs~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-tests\", rpm:\"openldap-tests~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2\", rpm:\"lib64ldap2.4_2~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2-devel\", rpm:\"lib64ldap2.4_2-devel~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2-static-devel\", rpm:\"lib64ldap2.4_2-static-devel~2.4.11~3.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:03:10", "bulletinFamily": "scanner", "description": "Check for the Version of openldap", "modified": "2018-04-06T00:00:00", "published": "2011-09-27T00:00:00", "id": "OPENVAS:1361412562310863542", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863542", "title": "Fedora Update for openldap FEDORA-2011-3627", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openldap FEDORA-2011-3627\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openldap on Fedora 14\";\ntag_insight = \"OpenLDAP is an open source suite of LDAP (Lightweight Directory Access\n Protocol) applications and development tools. LDAP is a set of\n protocols for accessing directory services (usually phone book style\n information, but other information is possible) over the Internet,\n similar to the way DNS (Domain Name System) information is propagated\n over the Internet. The openldap package contains configuration files,\n libraries, and documentation for OpenLDAP.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066251.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863542\");\n script_version(\"$Revision: 9371 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:55:06 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-27 17:29:53 +0200 (Tue, 27 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-3627\");\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1025\", \"CVE-2011-1081\");\n script_name(\"Fedora Update for openldap FEDORA-2011-3627\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of openldap\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.4.23~10.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:55:29", "bulletinFamily": "scanner", "description": "Check for the Version of openldap", "modified": "2017-07-06T00:00:00", "published": "2011-04-01T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=831355", "id": "OPENVAS:831355", "title": "Mandriva Update for openldap MDVSA-2011:056 (openldap)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for openldap MDVSA-2011:056 (openldap)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been identified and fixed in openldap:\n\n chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24,\n when a master-slave configuration with a chain overlay and\n ppolicy_forward_updates (aka authentication-failure forwarding) is\n used, allows remote authenticated users to bypass external-program\n authentication by sending an invalid password to a slave server\n (CVE-2011-1024).\n \n bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require\n authentication for the root Distinguished Name (DN), which allows\n remote attackers to bypass intended access restrictions via an\n arbitrary password (CVE-2011-1025).\n \n modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote\n attackers to cause a denial of service (daemon crash) via a relative\n Distinguished Name (DN) modification request (aka MODRDN operation)\n that contains an empty value for the OldDN field (CVE-2011-1081).\n \n The updated packages have been patched to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"openldap on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-03/msg00015.php\");\n script_id(831355);\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-01 15:34:04 +0200 (Fri, 01 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2011:056\");\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1025\", \"CVE-2011-1081\");\n script_name(\"Mandriva Update for openldap MDVSA-2011:056 (openldap)\");\n\n script_summary(\"Check for the Version of openldap\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2\", rpm:\"libldap2.4_2~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2-devel\", rpm:\"libldap2.4_2-devel~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2-static-devel\", rpm:\"libldap2.4_2-static-devel~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-clients\", rpm:\"openldap-clients~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-doc\", rpm:\"openldap-doc~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers\", rpm:\"openldap-servers~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-testprogs\", rpm:\"openldap-testprogs~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-tests\", rpm:\"openldap-tests~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2\", rpm:\"lib64ldap2.4_2~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2-devel\", rpm:\"lib64ldap2.4_2-devel~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2-static-devel\", rpm:\"lib64ldap2.4_2-static-devel~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2\", rpm:\"libldap2.4_2~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2-devel\", rpm:\"libldap2.4_2-devel~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2-static-devel\", rpm:\"libldap2.4_2-static-devel~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-clients\", rpm:\"openldap-clients~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-doc\", rpm:\"openldap-doc~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers\", rpm:\"openldap-servers~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-testprogs\", rpm:\"openldap-testprogs~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-tests\", rpm:\"openldap-tests~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2\", rpm:\"lib64ldap2.4_2~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2-devel\", rpm:\"lib64ldap2.4_2-devel~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2-static-devel\", rpm:\"lib64ldap2.4_2-static-devel~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:13:33", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2017-02-25T00:00:00", "published": "2011-03-05T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=68939", "id": "OPENVAS:68939", "title": "FreeBSD Ports: openldap-server", "type": "openvas", "sourceData": "#\n#VID be3dfe33-410b-11e0-9e02-00215c6a37bb\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID be3dfe33-410b-11e0-9e02-00215c6a37bb\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: openldap-server\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://secunia.com/advisories/43331/\nhttp://www.vuxml.org/freebsd/be3dfe33-410b-11e0-9e02-00215c6a37bb.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(68939);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-05 22:25:39 +0100 (Sat, 05 Mar 2011)\");\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1025\", \"CVE-2011-1081\");\n script_bugtraq_id(46363, 46831);\n script_tag(name:\"cvss_base\", value:\"6.8\"); \n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: openldap-server\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"openldap-server\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.4.0\")>0 && revcomp(a:bver, b:\"2.4.24\")<0) {\n txt += 'Package openldap-server version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-19T13:07:32", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2011-04-01T00:00:00", "id": "OPENVAS:1361412562310831355", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831355", "title": "Mandriva Update for openldap MDVSA-2011:056 (openldap)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for openldap MDVSA-2011:056 (openldap)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-03/msg00015.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831355\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-01 15:34:04 +0200 (Fri, 01 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"MDVSA\", value:\"2011:056\");\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1025\", \"CVE-2011-1081\");\n script_name(\"Mandriva Update for openldap MDVSA-2011:056 (openldap)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openldap'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(2010\\.1|2010\\.0)\");\n script_tag(name:\"affected\", value:\"openldap on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities has been identified and fixed in openldap:\n\n chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24,\n when a master-slave configuration with a chain overlay and\n ppolicy_forward_updates (aka authentication-failure forwarding) is\n used, allows remote authenticated users to bypass external-program\n authentication by sending an invalid password to a slave server\n (CVE-2011-1024).\n\n bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require\n authentication for the root Distinguished Name (DN), which allows\n remote attackers to bypass intended access restrictions via an\n arbitrary password (CVE-2011-1025).\n\n modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote\n attackers to cause a denial of service (daemon crash) via a relative\n Distinguished Name (DN) modification request (aka MODRDN operation)\n that contains an empty value for the OldDN field (CVE-2011-1081).\n\n The updated packages have been patched to correct these issues.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2\", rpm:\"libldap2.4_2~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2-devel\", rpm:\"libldap2.4_2-devel~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2-static-devel\", rpm:\"libldap2.4_2-static-devel~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-clients\", rpm:\"openldap-clients~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-doc\", rpm:\"openldap-doc~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers\", rpm:\"openldap-servers~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-testprogs\", rpm:\"openldap-testprogs~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-tests\", rpm:\"openldap-tests~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2\", rpm:\"lib64ldap2.4_2~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2-devel\", rpm:\"lib64ldap2.4_2-devel~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2-static-devel\", rpm:\"lib64ldap2.4_2-static-devel~2.4.22~2.2mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2\", rpm:\"libldap2.4_2~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2-devel\", rpm:\"libldap2.4_2-devel~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libldap2.4_2-static-devel\", rpm:\"libldap2.4_2-static-devel~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-clients\", rpm:\"openldap-clients~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-doc\", rpm:\"openldap-doc~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers\", rpm:\"openldap-servers~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-testprogs\", rpm:\"openldap-testprogs~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-tests\", rpm:\"openldap-tests~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2\", rpm:\"lib64ldap2.4_2~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2-devel\", rpm:\"lib64ldap2.4_2-devel~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ldap2.4_2-static-devel\", rpm:\"lib64ldap2.4_2-static-devel~2.4.19~2.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:27:18", "bulletinFamily": "scanner", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1100-1", "modified": "2017-12-01T00:00:00", "published": "2011-04-01T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=840624", "id": "OPENVAS:840624", "title": "Ubuntu Update for openldap, openldap2.3 vulnerabilities USN-1100-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1100_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for openldap, openldap2.3 vulnerabilities USN-1100-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that OpenLDAP did not properly check forwarded\n authentication failures when using a slave server and chain overlay. If\n OpenLDAP were configured in this manner, an attacker could bypass\n authentication checks by sending an invalid password to a slave server.\n (CVE-2011-1024)\n\n It was discovered that OpenLDAP did not properly perform authentication\n checks to the rootdn when using the back-ndb backend. An attacker could\n exploit this to access the directory by sending an arbitrary password.\n Ubuntu does not ship OpenLDAP with back-ndb support by default. This issue\n did not affect Ubuntu 8.04 LTS. (CVE-2011-1025)\n \n It was discovered that OpenLDAP did not properly validate modrdn requests.\n An unauthenticated remote user could use this to cause a denial of service\n via application crash. (CVE-2011-1081)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1100-1\";\ntag_affected = \"openldap, openldap2.3 vulnerabilities on Ubuntu 8.04 LTS ,\n Ubuntu 9.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1100-1/\");\n script_id(840624);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-01 15:34:04 +0200 (Fri, 01 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"1100-1\");\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1025\", \"CVE-2011-1081\");\n script_name(\"Ubuntu Update for openldap, openldap2.3 vulnerabilities USN-1100-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"ldap-utils\", ver:\"2.4.18-0ubuntu1.2\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libldap-2.4-2-dbg\", ver:\"2.4.18-0ubuntu1.2\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libldap-2.4-2\", ver:\"2.4.18-0ubuntu1.2\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libldap2-dev\", ver:\"2.4.18-0ubuntu1.2\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"slapd-dbg\", ver:\"2.4.18-0ubuntu1.2\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"slapd\", ver:\"2.4.18-0ubuntu1.2\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"ldap-utils\", ver:\"2.4.23-0ubuntu3.5\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libldap-2.4-2-dbg\", ver:\"2.4.23-0ubuntu3.5\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libldap-2.4-2\", ver:\"2.4.23-0ubuntu3.5\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libldap2-dev\", ver:\"2.4.23-0ubuntu3.5\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"slapd-dbg\", ver:\"2.4.23-0ubuntu3.5\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"slapd\", ver:\"2.4.23-0ubuntu3.5\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"ldap-utils\", ver:\"2.4.21-0ubuntu5.4\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libldap-2.4-2-dbg\", ver:\"2.4.21-0ubuntu5.4\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libldap-2.4-2\", ver:\"2.4.21-0ubuntu5.4\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libldap2-dev\", ver:\"2.4.21-0ubuntu5.4\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"slapd-dbg\", ver:\"2.4.21-0ubuntu5.4\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"slapd\", ver:\"2.4.21-0ubuntu5.4\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"ldap-utils\", ver:\"2.4.9-0ubuntu0.8.04.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libldap-2.4-2-dbg\", ver:\"2.4.9-0ubuntu0.8.04.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libldap-2.4-2\", ver:\"2.4.9-0ubuntu0.8.04.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libldap2-dev\", ver:\"2.4.9-0ubuntu0.8.04.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"slapd-dbg\", ver:\"2.4.9-0ubuntu0.8.04.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"slapd\", ver:\"2.4.9-0ubuntu0.8.04.5\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-08T12:47:34", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "modified": "2018-10-05T00:00:00", "published": "2011-03-05T00:00:00", "id": "OPENVAS:136141256231068939", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231068939", "title": "FreeBSD Ports: openldap-server", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_openldap-server2.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID be3dfe33-410b-11e0-9e02-00215c6a37bb\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.68939\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-05 22:25:39 +0100 (Sat, 05 Mar 2011)\");\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1025\", \"CVE-2011-1081\");\n script_bugtraq_id(46363, 46831);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: openldap-server\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: openldap-server\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/43331/\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/be3dfe33-410b-11e0-9e02-00215c6a37bb.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"openldap-server\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.4.0\")>0 && revcomp(a:bver, b:\"2.4.24\")<0) {\n txt += 'Package openldap-server version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:32", "bulletinFamily": "scanner", "description": "Check for the Version of openldap", "modified": "2017-07-10T00:00:00", "published": "2011-09-27T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=863542", "id": "OPENVAS:863542", "title": "Fedora Update for openldap FEDORA-2011-3627", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openldap FEDORA-2011-3627\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openldap on Fedora 14\";\ntag_insight = \"OpenLDAP is an open source suite of LDAP (Lightweight Directory Access\n Protocol) applications and development tools. LDAP is a set of\n protocols for accessing directory services (usually phone book style\n information, but other information is possible) over the Internet,\n similar to the way DNS (Domain Name System) information is propagated\n over the Internet. The openldap package contains configuration files,\n libraries, and documentation for OpenLDAP.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066251.html\");\n script_id(863542);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-27 17:29:53 +0200 (Tue, 27 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-3627\");\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1025\", \"CVE-2011-1081\");\n script_name(\"Fedora Update for openldap FEDORA-2011-3627\");\n\n script_summary(\"Check for the Version of openldap\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.4.23~10.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:06:31", "bulletinFamily": "scanner", "description": "Check for the Version of openldap", "modified": "2018-01-09T00:00:00", "published": "2012-06-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=870620", "id": "OPENVAS:870620", "title": "RedHat Update for openldap RHSA-2011:0347-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openldap RHSA-2011:0347-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"OpenLDAP is an open source suite of LDAP (Lightweight Directory Access\n Protocol) applications and development tools.\n\n A flaw was found in the way OpenLDAP handled authentication failures being\n passed from an OpenLDAP slave to the master. If OpenLDAP was configured\n with a chain overlay and it forwarded authentication failures, OpenLDAP\n would bind to the directory as an anonymous user and return success, rather\n than return failure on the authenticated bind. This could allow a user on a\n system that uses LDAP for authentication to log into a directory-based\n account without knowing the password. (CVE-2011-1024)\n\n It was found that the OpenLDAP back-ndb back end allowed successful\n authentication to the root distinguished name (DN) when any string was\n provided as a password. A remote user could use this flaw to access an\n OpenLDAP directory if they knew the value of the root DN. Note: This issue\n only affected OpenLDAP installations using the NDB back-end, which is only\n available for Red Hat Enterprise Linux 6 via third-party software.\n (CVE-2011-1025)\n\n A flaw was found in the way OpenLDAP handled modify relative distinguished\n name (modrdn) requests. A remote, unauthenticated user could use this flaw\n to crash an OpenLDAP server via a modrdn request containing an empty old\n RDN value. (CVE-2011-1081)\n\n Users of OpenLDAP should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing this update,\n the OpenLDAP daemons will be restarted automatically.\";\n\ntag_affected = \"openldap on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-March/msg00025.html\");\n script_id(870620);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-06 10:34:45 +0530 (Wed, 06 Jun 2012)\");\n script_cve_id(\"CVE-2011-1024\", \"CVE-2011-1025\", \"CVE-2011-1081\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2011:0347-01\");\n script_name(\"RedHat Update for openldap RHSA-2011:0347-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of openldap\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"compat-openldap\", rpm:\"compat-openldap~2.4.19_2.3.43~15.el6_0.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap\", rpm:\"openldap~2.4.19~15.el6_0.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-clients\", rpm:\"openldap-clients~2.4.19~15.el6_0.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-debuginfo\", rpm:\"openldap-debuginfo~2.4.19~15.el6_0.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-devel\", rpm:\"openldap-devel~2.4.19~15.el6_0.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openldap-servers\", rpm:\"openldap-servers~2.4.19~15.el6_0.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:39", "bulletinFamily": "software", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2011:055\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : openldap\r\n Date : March 30, 2011\r\n Affected: 2009.0, Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities has been identified and fixed in openldap:\r\n \r\n chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24,\r\n when a master-slave configuration with a chain overlay and\r\n ppolicy_forward_updates (aka authentication-failure forwarding) is\r\n used, allows remote authenticated users to bypass external-program\r\n authentication by sending an invalid password to a slave server\r\n (CVE-2011-1024).\r\n \r\n modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote\r\n attackers to cause a denial of service (daemon crash) via a relative\r\n Distinguished Name (DN) modification request (aka MODRDN operation)\r\n that contains an empty value for the OldDN field (CVE-2011-1081).\r\n \r\n Packages for 2009.0 are provided as of the Extended Maintenance\r\n Program. Please visit this link to learn more:\r\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\r\n \r\n The updated packages have been patched to correct these issues.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1024\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1081\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2009.0:\r\n 83ccec2a20904df9a0ca143da248d5d9 2009.0/i586/libldap2.4_2-2.4.11-3.4mdv2009.0.i586.rpm\r\n 71b97d10738a74644373e91269eaeed6 2009.0/i586/libldap2.4_2-devel-2.4.11-3.4mdv2009.0.i586.rpm\r\n 9d8ed8fde6288f8883bb1d13344e047a 2009.0/i586/libldap2.4_2-static-devel-2.4.11-3.4mdv2009.0.i586.rpm\r\n fb3d985950e150a02e8c230a311051c3 2009.0/i586/openldap-2.4.11-3.4mdv2009.0.i586.rpm\r\n ba4a65282d12a598e1e951080a18565f 2009.0/i586/openldap-clients-2.4.11-3.4mdv2009.0.i586.rpm\r\n ed18a20fa96960cfc10034c732b56b2c 2009.0/i586/openldap-doc-2.4.11-3.4mdv2009.0.i586.rpm\r\n e68073473f08adf052cc166ea2f2c8e5 2009.0/i586/openldap-servers-2.4.11-3.4mdv2009.0.i586.rpm\r\n ff1dcd171670dbb0e84845761baec2d4 2009.0/i586/openldap-testprogs-2.4.11-3.4mdv2009.0.i586.rpm\r\n 7f9e1581e730cc69109db37dd63453ba 2009.0/i586/openldap-tests-2.4.11-3.4mdv2009.0.i586.rpm \r\n 1b9fa8641f7f41d4dd859e73170d0b34 2009.0/SRPMS/openldap-2.4.11-3.4mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.0/X86_64:\r\n ecf971b49682fb6637c335f2790413db 2009.0/x86_64/lib64ldap2.4_2-2.4.11-3.4mdv2009.0.x86_64.rpm\r\n df29b7188a9b48141288950b00f2d7c9 2009.0/x86_64/lib64ldap2.4_2-devel-2.4.11-3.4mdv2009.0.x86_64.rpm\r\n fbdfbe6bb56cbe74c4c35a711450ae04 2009.0/x86_64/lib64ldap2.4_2-static-devel-2.4.11-3.4mdv2009.0.x86_64.rpm\r\n 6336cf856ad3fd9cb71e69f89ae621a5 2009.0/x86_64/openldap-2.4.11-3.4mdv2009.0.x86_64.rpm\r\n 08cbb77b99ee361f06650fd04ab954c4 2009.0/x86_64/openldap-clients-2.4.11-3.4mdv2009.0.x86_64.rpm\r\n 9f1bcc61420e107387d20afcbfbda8ca 2009.0/x86_64/openldap-doc-2.4.11-3.4mdv2009.0.x86_64.rpm\r\n a23b50b362db34c35d7e206147e40d1d 2009.0/x86_64/openldap-servers-2.4.11-3.4mdv2009.0.x86_64.rpm\r\n 0726dd1f6b44f0c215a3c27644e426db 2009.0/x86_64/openldap-testprogs-2.4.11-3.4mdv2009.0.x86_64.rpm\r\n e66476117347d5c19ac64b6bf3a00484 2009.0/x86_64/openldap-tests-2.4.11-3.4mdv2009.0.x86_64.rpm \r\n 1b9fa8641f7f41d4dd859e73170d0b34 2009.0/SRPMS/openldap-2.4.11-3.4mdv2009.0.src.rpm\r\n\r\n Mandriva Enterprise Server 5:\r\n 21948fd7dce8ce2c4c8fef768cfebda2 mes5/i586/libldap2.4_2-2.4.11-3.4mdvmes5.2.i586.rpm\r\n 7857e09b074a340d74373b90900d7669 mes5/i586/libldap2.4_2-devel-2.4.11-3.4mdvmes5.2.i586.rpm\r\n 9d2e59be28483bcf3acb4ff25089a390 mes5/i586/libldap2.4_2-static-devel-2.4.11-3.4mdvmes5.2.i586.rpm\r\n 2c3d52c077a56fa832d2d4209ad46834 mes5/i586/openldap-2.4.11-3.4mdvmes5.2.i586.rpm\r\n acc2717ad2b29a7b02ba7f943ef92416 mes5/i586/openldap-clients-2.4.11-3.4mdvmes5.2.i586.rpm\r\n d3deba0317c9f52ec463928a190dec51 mes5/i586/openldap-doc-2.4.11-3.4mdvmes5.2.i586.rpm\r\n f4da14b20cccf8a3059bf512ba839fb4 mes5/i586/openldap-servers-2.4.11-3.4mdvmes5.2.i586.rpm\r\n 3c34b1a9af109ee763cb26ee7615e60c mes5/i586/openldap-testprogs-2.4.11-3.4mdvmes5.2.i586.rpm\r\n a52cf23420f23ed3d3ac84abe446ae92 mes5/i586/openldap-tests-2.4.11-3.4mdvmes5.2.i586.rpm \r\n b9bced393f520051e28a489c6d8ff9ab mes5/SRPMS/openldap-2.4.11-3.4mdvmes5.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n aa04b9b7aa03aab2ec36bf7027339ea6 mes5/x86_64/lib64ldap2.4_2-2.4.11-3.4mdvmes5.2.x86_64.rpm\r\n 7ef3c991e2bc597b527af6b1f4fbbe45 mes5/x86_64/lib64ldap2.4_2-devel-2.4.11-3.4mdvmes5.2.x86_64.rpm\r\n 978ea5eed1b8957f352503e1d1036f37 mes5/x86_64/lib64ldap2.4_2-static-devel-2.4.11-3.4mdvmes5.2.x86_64.rpm\r\n 2805cdd7f4b21269cbb7867492022743 mes5/x86_64/openldap-2.4.11-3.4mdvmes5.2.x86_64.rpm\r\n fd58b85bd63050c9e92947cda1e9c7ca mes5/x86_64/openldap-clients-2.4.11-3.4mdvmes5.2.x86_64.rpm\r\n f4f917d985b61cf253ef64d5b488ae55 mes5/x86_64/openldap-doc-2.4.11-3.4mdvmes5.2.x86_64.rpm\r\n 6717e80f594124b5a453f34945cf626b mes5/x86_64/openldap-servers-2.4.11-3.4mdvmes5.2.x86_64.rpm\r\n a4533095a840c1dcb204f980555f885a mes5/x86_64/openldap-testprogs-2.4.11-3.4mdvmes5.2.x86_64.rpm\r\n abb0169c24cee8546bfa9e59d3e602e7 mes5/x86_64/openldap-tests-2.4.11-3.4mdvmes5.2.x86_64.rpm \r\n b9bced393f520051e28a489c6d8ff9ab mes5/SRPMS/openldap-2.4.11-3.4mdvmes5.2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niD8DBQFNkv3xmqjQ0CJFipgRAqQSAKCc3vPvJODiYO5xcI5stKqfUAsbAQCeJSyY\r\nd2dZNLuNg8Fe8uz62O13Pfk=\r\n=/zxu\r\n-----END PGP SIGNATURE-----", "modified": "2011-03-31T00:00:00", "published": "2011-03-31T00:00:00", "id": "SECURITYVULNS:DOC:26039", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26039", "title": "[ MDVSA-2011:055 ] openldap", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:43:08", "bulletinFamily": "unix", "description": "[2.4.19-15.2]\n- fix: security - DoS when submitting special MODRDN request (#680975)\n[2.4.19-15.1]\n- fix: CVE-2011-1024 ppolicy forwarded bind failure messages cause success\n- fix: CVE-2011-1025 rootpw is not verified for ndb backend", "modified": "2011-03-10T00:00:00", "published": "2011-03-10T00:00:00", "id": "ELSA-2011-0347", "href": "http://linux.oracle.com/errata/ELSA-2011-0347.html", "title": "openldap security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T01:40:01", "bulletinFamily": "unix", "description": "[2.3.43-12.7]\n- fix: CVE-2011-1024 ppolicy forwarded bind failure messages cause success (#680484)\n[2.3.43-12.6]\n- fix: slapd concurrent access to connections causes slapd to silently die (#677611)", "modified": "2011-03-10T00:00:00", "published": "2011-03-10T00:00:00", "id": "ELSA-2011-0346", "href": "http://linux.oracle.com/errata/ELSA-2011-0346.html", "title": "openldap security and bug fix update", "type": "oraclelinux", "cvss": {"score": 4.6, "vector": "AV:NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-12-11T19:42:37", "bulletinFamily": "unix", "description": "OpenLDAP is an open source suite of LDAP (Lightweight Directory Access\nProtocol) applications and development tools.\n\nA flaw was found in the way OpenLDAP handled authentication failures being\npassed from an OpenLDAP slave to the master. If OpenLDAP was configured\nwith a chain overlay and it forwarded authentication failures, OpenLDAP\nwould bind to the directory as an anonymous user and return success, rather\nthan return failure on the authenticated bind. This could allow a user on a\nsystem that uses LDAP for authentication to log into a directory-based\naccount without knowing the password. (CVE-2011-1024)\n\nIt was found that the OpenLDAP back-ndb back end allowed successful\nauthentication to the root distinguished name (DN) when any string was\nprovided as a password. A remote user could use this flaw to access an\nOpenLDAP directory if they knew the value of the root DN. Note: This issue\nonly affected OpenLDAP installations using the NDB back-end, which is only\navailable for Red Hat Enterprise Linux 6 via third-party software.\n(CVE-2011-1025)\n\nA flaw was found in the way OpenLDAP handled modify relative distinguished\nname (modrdn) requests. A remote, unauthenticated user could use this flaw\nto crash an OpenLDAP server via a modrdn request containing an empty old\nRDN value. (CVE-2011-1081)\n\nUsers of OpenLDAP should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. After installing this update,\nthe OpenLDAP daemons will be restarted automatically.\n", "modified": "2018-06-06T20:24:23", "published": "2011-03-10T05:00:00", "id": "RHSA-2011:0347", "href": "https://access.redhat.com/errata/RHSA-2011:0347", "type": "redhat", "title": "(RHSA-2011:0347) Moderate: openldap security update", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-12-11T17:42:30", "bulletinFamily": "unix", "description": "OpenLDAP is an open source suite of LDAP (Lightweight Directory Access\nProtocol) applications and development tools.\n\nA flaw was found in the way OpenLDAP handled authentication failures being\npassed from an OpenLDAP slave to the master. If OpenLDAP was configured\nwith a chain overlay and it forwarded authentication failures, OpenLDAP\nwould bind to the directory as an anonymous user and return success, rather\nthan return failure on the authenticated bind. This could allow a user on a\nsystem that uses LDAP for authentication to log into a directory-based\naccount without knowing the password. (CVE-2011-1024)\n\nThis update also fixes the following bug:\n\n* Previously, multiple concurrent connections to an OpenLDAP server could\ncause the slapd service to terminate unexpectedly with an assertion error.\nThis update adds mutexes to protect multiple threads from accessing a\nstructure with a connection, and the slapd service no longer crashes.\n(BZ#677611)\n\nUsers of OpenLDAP should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. After installing this update,\nthe OpenLDAP daemons will be restarted automatically.\n", "modified": "2017-09-08T11:51:50", "published": "2011-03-10T05:00:00", "id": "RHSA-2011:0346", "href": "https://access.redhat.com/errata/RHSA-2011:0346", "type": "redhat", "title": "(RHSA-2011:0346) Moderate: openldap security and bug fix update", "cvss": {"score": 4.6, "vector": "AV:NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-05-25T03:57:25", "bulletinFamily": "unix", "description": "The rhev-hypervisor package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: A subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nA NULL pointer dereference flaw was found in the Generic Receive Offload\n(GRO) functionality in the Linux kernel's networking implementation. If\nboth GRO and promiscuous mode were enabled on an interface in a virtual LAN\n(VLAN), it could result in a denial of service when a malformed VLAN frame\nis received on that interface. (CVE-2011-1478)\n\nRed Hat would like to thank Ryan Sweat for reporting CVE-2011-1478.\n\nThis updated package provides updated components that include fixes for\nsecurity issues; however, these issues have no security impact for Red Hat\nEnterprise Virtualization Hypervisor. These fixes are for dbus issue\nCVE-2010-4352; kernel issues CVE-2010-4346, CVE-2011-0521, CVE-2011-0710,\nCVE-2011-1010, and CVE-2011-1090; libvirt issue CVE-2011-1146; and openldap\nissue CVE-2011-1024.\n\nThis update also fixes the following bug:\n\n* Previously, network drivers that had Large Receive Offload (LRO) enabled\nby default caused the system to run slow when using software bridging. With\nthis update, Red Hat Enterprise Virtualization Hypervisor disables LRO as a\npart of a modprobe configuration. (BZ#692864)\n\nAlso in this erratum, the rhev-hypervisor-pxe RPM has been dropped.\n\nAs Red Hat Enterprise Virtualization Hypervisor includes Red Hat Enterprise\nVirtualization Manager Agent (VDSM), the bug fixes from the VDSM update\nRHBA-2011:0424 have been included in this update:\n\nhttps://rhn.redhat.com/errata/RHBA-2011-0424.html\n\nUsers of Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which resolves these issues.\n", "modified": "2018-05-25T06:35:35", "published": "2011-04-13T04:00:00", "id": "RHSA-2011:0439", "href": "https://access.redhat.com/errata/RHSA-2011:0439", "type": "redhat", "title": "(RHSA-2011:0439) Moderate: rhev-hypervisor security and bug fix update", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:09:29", "bulletinFamily": "unix", "description": "It was discovered that OpenLDAP did not properly check forwarded authentication failures when using a slave server and chain overlay. If OpenLDAP were configured in this manner, an attacker could bypass authentication checks by sending an invalid password to a slave server. (CVE-2011-1024)\n\nIt was discovered that OpenLDAP did not properly perform authentication checks to the rootdn when using the back-ndb backend. An attacker could exploit this to access the directory by sending an arbitrary password. Ubuntu does not ship OpenLDAP with back-ndb support by default. This issue did not affect Ubuntu 8.04 LTS. (CVE-2011-1025)\n\nIt was discovered that OpenLDAP did not properly validate modrdn requests. An unauthenticated remote user could use this to cause a denial of service via application crash. (CVE-2011-1081)", "modified": "2011-03-31T00:00:00", "published": "2011-03-31T00:00:00", "id": "USN-1100-1", "href": "https://usn.ubuntu.com/1100-1/", "title": "OpenLDAP vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-02-04T01:18:55", "bulletinFamily": "exploit", "description": "OpenLDAP 2.4.x 'modrdn' NULL OldDN Remote Denial of Service Vulnerability. CVE-2011-1081. Dos exploit for linux platform", "modified": "2011-01-03T00:00:00", "published": "2011-01-03T00:00:00", "id": "EDB-ID:35445", "href": "https://www.exploit-db.com/exploits/35445/", "type": "exploitdb", "title": "OpenLDAP 2.4.x - 'modrdn' NULL OldDN Remote Denial of Service Vulnerability", "sourceData": "source: http://www.securityfocus.com/bid/46831/info\r\n\r\nOpenLDAP is prone to a remote denial-of-service vulnerability that affects the 'modify relative distinguished name' (modrdn) command.\r\n\r\nAttackers can exploit this issue to deny service to legitimate users by crashing affected 'slapd' servers. \r\n\r\nldapmodrdn -x -H ldap://ldapserver -r '' o=test ", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/35445/"}], "centos": [{"lastseen": "2017-10-03T18:25:01", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2011:0346\n\n\nOpenLDAP is an open source suite of LDAP (Lightweight Directory Access\nProtocol) applications and development tools.\n\nA flaw was found in the way OpenLDAP handled authentication failures being\npassed from an OpenLDAP slave to the master. If OpenLDAP was configured\nwith a chain overlay and it forwarded authentication failures, OpenLDAP\nwould bind to the directory as an anonymous user and return success, rather\nthan return failure on the authenticated bind. This could allow a user on a\nsystem that uses LDAP for authentication to log into a directory-based\naccount without knowing the password. (CVE-2011-1024)\n\nThis update also fixes the following bug:\n\n* Previously, multiple concurrent connections to an OpenLDAP server could\ncause the slapd service to terminate unexpectedly with an assertion error.\nThis update adds mutexes to protect multiple threads from accessing a\nstructure with a connection, and the slapd service no longer crashes.\n(BZ#677611)\n\nUsers of OpenLDAP should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. After installing this update,\nthe OpenLDAP daemons will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-April/017375.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-April/017376.html\n\n**Affected packages:**\ncompat-openldap\nopenldap\nopenldap-clients\nopenldap-devel\nopenldap-servers\nopenldap-servers-overlays\nopenldap-servers-sql\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-0346.html", "modified": "2011-04-14T19:48:17", "published": "2011-04-14T19:48:17", "href": "http://lists.centos.org/pipermail/centos-announce/2011-April/017375.html", "id": "CESA-2011:0346", "title": "compat, openldap security update", "type": "centos", "cvss": {"score": 4.6, "vector": "AV:NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:35", "bulletinFamily": "unix", "description": "### Background\n\nOpenLDAP is an LDAP suite of application and development tools.\n\n### Description\n\nMultiple vulnerabilities have been discovered in OpenLDAP. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker might employ a specially crafted certificate to conduct man-in-the-middle attacks on SSL connections made using OpenLDAP, bypass security restrictions or cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll OpenLDAP users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-nds/openldap-2.4.35\"", "modified": "2014-06-30T00:00:00", "published": "2014-06-30T00:00:00", "id": "GLSA-201406-36", "href": "https://security.gentoo.org/glsa/201406-36", "type": "gentoo", "title": "OpenLDAP: Multiple vulnerabilities", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}