Test Kennung:	1.3.6.1.4.1.25623.1.0.60704
Kategorie:	Red Hat Local Security Checks
Titel:	RedHat Security Advisory RHSA-2008:0110
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory RHSA-2008:0110. OpenLDAP is an open source suite of Lightweight Directory Access Protocol (LDAP) applications and development tools. LDAP is a set of protocols for accessing directory services. These updated openldap packages fix a flaw in the way the OpenLDAP slapd daemon handled modify and modrdn requests with NOOP control on objects stored in a Berkeley DB (BDB) storage backend. An authenticated attacker with permission to perform modify or modrdn operations on such LDAP objects could cause slapd to crash. (CVE-2007-6698, CVE-2008-0658) Users of openldap should upgrade to these updated packages, which contain a backported patch to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2008-0110.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : Medium CVSS Score: 4.0
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-6698 http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html BugTraq ID: 26245 http://www.securityfocus.com/bid/26245 Bugtraq: 20080212 rPSA-2008-0059-1 openldap openldap-clients openldap-servers (Google Search) http://www.securityfocus.com/archive/1/488242/100/200/threaded Debian Security Information: DSA-1541 (Google Search) http://www.debian.org/security/2008/dsa-1541 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00105.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:058 http://www.openldap.org/lists/openldap-bugs/200704/msg00067.html http://www.openldap.org/lists/openldap-bugs/200704/msg00068.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10748 http://www.redhat.com/support/errata/RHSA-2008-0110.html http://www.securitytracker.com/id?1019480 http://secunia.com/advisories/28817 http://secunia.com/advisories/28953 http://secunia.com/advisories/29068 http://secunia.com/advisories/29225 http://secunia.com/advisories/29256 http://secunia.com/advisories/29682 http://secunia.com/advisories/29957 SuSE Security Announcement: SUSE-SR:2008:010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html http://www.ubuntu.com/usn/usn-584-1 http://www.vupen.com/english/advisories/2009/3184 Common Vulnerability Exposure (CVE) ID: CVE-2008-0658 BugTraq ID: 27778 http://www.securityfocus.com/bid/27778 http://security.gentoo.org/glsa/glsa-200803-28.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9470 http://www.securitytracker.com/id?1019481 http://secunia.com/advisories/28914 http://secunia.com/advisories/28926 http://secunia.com/advisories/29461 http://www.vupen.com/english/advisories/2008/0536/references XForce ISS Database: openldap-modrdn-dos(40479) https://exchange.xforce.ibmcloud.com/vulnerabilities/40479
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.