Network Security Audits / Vulnerability Assessments by SecuritySpace

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2003-5
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Original released date : 21 Jan 2003
Last revised           : 01 Apr 2003

Package : openldap

Summry : Buffer overflows

More information :
    Several buffer overflows in openldap.

Impact :
    Local attackers can gain root privileges.

Affected Products :
    - Turbolinux 8 Server
    - Turbolinux 8 Workstation
    - Turbolinux 7 Server
    - Turbolinux 7 Workstation
    - Turbolinux Server 6.5
    - Turbolinux Advanced Server 6
    - Turbolinux Server 6.1

Solution :
    Please use turbopkg tool to apply the update.

    If you need to confirm the version of current installed
    package, please issue rpm command as :

    # rpm -qa | grep PACKAGE-NAME

<Turbolinux 8 Server>

   Source Packages
   Size : MD5

   openldap-2.0.27-2.src.rpm
      1321200 050fa896c7a56a67753f82c3b350e945

   Binary Packages
   Size : MD5

   openldap-2.0.27-2.i586.rpm
       433266 cf75452987a0ee5123e61a040ae6ffb6
   openldap-devel-2.0.27-2.i586.rpm
       215562 4b73b92dee5d5a31af762cf3e1a33636
   openldap-libs-2.0.27-2.i586.rpm
       141726 01549dc8fcbe88c90875b27835569a20
   openldap-servers-2.0.27-2.i586.rpm
      1018355 6fc8843e8264f60be52d16790c5e1502

<Turbolinux 8 Workstation>

   Source Packages
   Size : MD5

   openldap-2.0.27-2.src.rpm
      1321200 050fa896c7a56a67753f82c3b350e945

   Binary Packages
   Size : MD5

   openldap-2.0.27-2.i586.rpm
       433330 d295e7207999df09720f3c05b5175325
   openldap-devel-2.0.27-2.i586.rpm
       215396 dabcb9bcea69d8d98326ca76765ac003
   openldap-libs-2.0.27-2.i586.rpm
       141591 865457e16aeff91f6f162f7af81e5022
   openldap-servers-2.0.27-2.i586.rpm
      1018077 d857888a5a8aea10aed4a5c94b43c392

<Turbolinux 7 Server>

   Source Packages
   Size : MD5

   openldap-2.0.27-2.src.rpm
      1321200 050fa896c7a56a67753f82c3b350e945

   Binary Packages
   Size : MD5

   openldap-2.0.27-2.i586.rpm
       434058 9a5490818723be61ffe7719392711fc0
   openldap-devel-2.0.27-2.i586.rpm
       209063 a3a9b145eedb560d3a533754adbe5084
   openldap-libs-2.0.27-2.i586.rpm
       137690 23e699bb946bbc316c12fd4bc5797491
   openldap-servers-2.0.27-2.i586.rpm
       982307 4263c1f362bf0f252af97833eb402252

<Turbolinux 7 Workstation>

   Source Packages
   Size : MD5

   openldap-2.0.27-2.src.rpm
      1321200 050fa896c7a56a67753f82c3b350e945

   Binary Packages
   Size : MD5

   openldap-2.0.27-2.i586.rpm
       434014 023e343fddc0bada510c6c723a41e68a
   openldap-devel-2.0.27-2.i586.rpm
       209173 646ff58dfaab54c31e3e212f8c43af6d
   openldap-libs-2.0.27-2.i586.rpm
       137673 711037a281ccb3dc460e9eb57326d619
   openldap-servers-2.0.27-2.i586.rpm
       981977 e4ab32c2ba0e834316e6fab679fdb1c0

<Turbolinux Server 6.5>

   Source Packages
   Size : MD5

   openldap-2.0.27-2.src.rpm
      1321200 050fa896c7a56a67753f82c3b350e945

   Binary Packages
   Size : MD5

   openldap-2.0.27-2.i386.rpm
       701446 7986c1d392554639d2bbfb6f0b58f909
   openldap-devel-2.0.27-2.i386.rpm
       279547 d3866592ebd22ac435c2c1a40f81bc26
   openldap-libs-2.0.27-2.i386.rpm
       188585 cce8c215cb3076df594841532fd8b856
   openldap-servers-2.0.27-2.i386.rpm
      1379864 9c6421daf4a8cbd19cf72b2aee3b0f16

<Turbolinux Advanced Server 6>

   Source Packages
   Size : MD5

   openldap-2.0.27-2.src.rpm
      1321200 050fa896c7a56a67753f82c3b350e945

   Binary Packages
   Size : MD5

   openldap-2.0.27-2.i386.rpm
       701450 9c7daa7610dbb55241c5fcb2452d6b74
   openldap-devel-2.0.27-2.i386.rpm
       279509 7a5c58fd7036bdd2badaaada280609cf
   openldap-libs-2.0.27-2.i386.rpm
       188602 f8871e7b97e64af00900d95ccdb446e8
   openldap-servers-2.0.27-2.i386.rpm
      1379943 2da8d44781dafb26b59095bfd992b02b

<Turbolinux Server 6.1>

   Source Packages
   Size : MD5

   openldap-2.0.27-2.src.rpm
      1321200 050fa896c7a56a67753f82c3b350e945

   Binary Packages
   Size : MD5

   openldap-2.0.27-2.i386.rpm
       701167 d845738b5f9f2024ce2bcbcee57d8647
   openldap-devel-2.0.27-2.i386.rpm
       278892 c4628103ba6cd537985a4e414a43db47
   openldap-libs-2.0.27-2.i386.rpm
       188562 22157f6b4d1032f915c2d3d57b4a61c5
   openldap-servers-2.0.27-2.i386.rpm
      1379650 6b60b126e2323381db8f43f90c2f0fd9

References :

CVE
   [CAN-2002-1378]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1378
   [CAN-2002-1379]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1379

--------------------------------------------------------------------------
Revision History
    21 Jan 2003 Initial release
    01 Apr 2003 modifyed file size
                added to [Affected Products] the Turbolinux 7 Workstation
--------------------------------------------------------------------------

Copyright(C) 2003 Turbolinux, Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+iVnNK0LzjOqIJMwRAnTxAJ9g8ncuJMNwsZp4T56u7kz14ybBMQCgkA7O
F2WvG8I4xlFtpRq0/KbVWL8=
=7Fx6
-----END PGP SIGNATURE-----