Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2006:208-1 (openldap)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.57575

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2006:208-1 (openldap)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to openldap
announced via advisory MDKSA-2006:208-1.

An unspecified vulnerability in OpenLDAP allows remote attackers to
cause a denial of service (daemon crash) via a certain combination of
SASL Bind requests that triggers an assertion failure in libldap.

Packages have been patched to correct this issue.

Update:

Packages for Corp4 were built from the wrong src.rpm, breaking Heimdal
Kerboros and possibly other support. Updated packages are being
provided to correct this issue.

Affected: Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:208-1

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-5779
BugTraq ID: 20939
http://www.securityfocus.com/bid/20939
Bugtraq: 20061106 VulnDisco Pack for Metasploit (Google Search)
http://www.securityfocus.com/archive/1/450728/100/0/threaded
http://security.gentoo.org/glsa/glsa-200611-25.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:208
http://gleg.net/downloads/VULNDISCO_META_FREE.tar.gz
http://gleg.net/vulndisco_meta.shtml
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.033-openldap.html
http://securitytracker.com/id?1017166
http://secunia.com/advisories/22750
http://secunia.com/advisories/22953
http://secunia.com/advisories/22996
http://secunia.com/advisories/23125
http://secunia.com/advisories/23133
http://secunia.com/advisories/23152
http://secunia.com/advisories/23170
http://securityreason.com/securityalert/1831
SuSE Security Announcement: SUSE-SA:2006:072 (Google Search)
http://www.novell.com/linux/security/advisories/2006_72_openldap2.html
http://www.trustix.org/errata/2006/0066/
http://www.ubuntu.com/usn/usn-384-1
http://www.vupen.com/english/advisories/2006/4379
XForce ISS Database: openldap-bind-dos(30076)
https://exchange.xforce.ibmcloud.com/vulnerabilities/30076

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.57575
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2006:208-1 (openldap)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to openldap announced via advisory MDKSA-2006:208-1. An unspecified vulnerability in OpenLDAP allows remote attackers to cause a denial of service (daemon crash) via a certain combination of SASL Bind requests that triggers an assertion failure in libldap. Packages have been patched to correct this issue. Update: Packages for Corp4 were built from the wrong src.rpm, breaking Heimdal Kerboros and possibly other support. Updated packages are being provided to correct this issue. Affected: Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:208-1 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-5779 BugTraq ID: 20939 http://www.securityfocus.com/bid/20939 Bugtraq: 20061106 VulnDisco Pack for Metasploit (Google Search) http://www.securityfocus.com/archive/1/450728/100/0/threaded http://security.gentoo.org/glsa/glsa-200611-25.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:208 http://gleg.net/downloads/VULNDISCO_META_FREE.tar.gz http://gleg.net/vulndisco_meta.shtml http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.033-openldap.html http://securitytracker.com/id?1017166 http://secunia.com/advisories/22750 http://secunia.com/advisories/22953 http://secunia.com/advisories/22996 http://secunia.com/advisories/23125 http://secunia.com/advisories/23133 http://secunia.com/advisories/23152 http://secunia.com/advisories/23170 http://securityreason.com/securityalert/1831 SuSE Security Announcement: SUSE-SA:2006:072 (Google Search) http://www.novell.com/linux/security/advisories/2006_72_openldap2.html http://www.trustix.org/errata/2006/0066/ http://www.ubuntu.com/usn/usn-384-1 http://www.vupen.com/english/advisories/2006/4379 XForce ISS Database: openldap-bind-dos(30076) https://exchange.xforce.ibmcloud.com/vulnerabilities/30076
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com