Linux Security
Linux Security
Linux Security

Debian: openldap2 multiple vulnerabilities

Date 13 Jan 2003
Posted By LinuxSecurity Advisories
The SuSE Security Team reviewed critical parts of openldap2 and found several buffer overflows and other bugs remote attackers could exploit to gain access on systems running vulnerable LDAP servers.

Debian Security Advisory DSA 227-1                     This email address is being protected from spambots. You need JavaScript enabled to view it.                             Martin Schulze
January, 13th, 2003            

Package        : openldap2
Vulnerability  : buffer overflows and other bugs
Problem-Type   : local, remote
Debian-specific: no
CVE Id         : CAN-2002-1378 CAN-2002-1379
BugTraq Id     : 6328

The SuSE Security Team reviewed critical parts of openldap2, an
implementation of the Lightweight Directory Access Protocol (LDAP)
version 2 and 3, and found several buffer overflows and other bugs
remote attackers could exploit to gain access on systems running
vulnerable LDAP servers.  In addition to these bugs, various local
exploitable bugs within the OpenLDAP2 libraries have been fixed.

For the current stable distribution (woody) these problems have been
fixed in version 2.0.23-6.3.

The old stable distribution (potato) does not contain OpenLDAP2

For the unstable distribution (sid) these problems have been fixed in
version 2.0.27-3.

We recommend that you upgrade your openldap2 packages.

Upgrade Instructions

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

  Source archives:
      Size/MD5 checksum:      763 45168fb49d17bcbefc2d920400705ac1
      Size/MD5 checksum:    20913 f0fa8fa225ccd5ce44504811511c9ad4
      Size/MD5 checksum:  1302928 d13cfded502c7d2b43b3c42b4e6dd599

  Alpha architecture:
      Size/MD5 checksum:    87630 29068d6586e62aa8141995d19d85b5f2
      Size/MD5 checksum:   113812 ffe2c1b7afd49bbd45143b4d2c5738a3
      Size/MD5 checksum:   213992 5a20e5fa07a7e64c501fce960bafb00d
      Size/MD5 checksum:  1833542 4554c75be54f37f98062874c1fd05ef3
      Size/MD5 checksum:   806478 e3ebfb7fefffdebdfc48127c53989b5a

  ARM architecture:
      Size/MD5 checksum:    65998 395356a67fc07a37cb7ff83e4f433f08
      Size/MD5 checksum:    90090 2d6582bca66d8d4975767e9143610617
      Size/MD5 checksum:   183032 202e9ee365ea54dab60b7b827d47b759
      Size/MD5 checksum:  1789034 7144479db1c2c8433fcd89ee6b1cd693
      Size/MD5 checksum:   672624 d93eddf64b805fe8ad456e1abb477237
  Intel IA-32 architecture:
      Size/MD5 checksum:    65232 423b8b0b3fd8a09ef365d4ec25023d26
      Size/MD5 checksum:    86350 0bc201b83a18897972cecccb37beba0b
      Size/MD5 checksum:   172742 2222f508b8f6b0cf808ece56cfd639e9
      Size/MD5 checksum:  1732946 1f98f56fb5b0215788c9581cc330a77a
      Size/MD5 checksum:   606922 42fc1c90d802d9bc155094cd2c5b3a05

  Intel IA-64 architecture:
      Size/MD5 checksum:    97926 102155513b8228429771ede0d79ba286
      Size/MD5 checksum:   130370 c200491173f802aa79f18f6069d693a6
      Size/MD5 checksum:   287272 bc3d117d2a5ce5472bd7c8e82415c316
      Size/MD5 checksum:  1770604 541a1c9edbe6a16405882e222cd7a109
      Size/MD5 checksum:  1055364 6f57696f2b7531f84130a70af0549b8d

  HP Precision architecture:
      Size/MD5 checksum:    72484 204da57b2ee9c96ce1c452b7930200ed
      Size/MD5 checksum:    96546 c7effeaa7614518f6fc3430377a4a5d5
      Size/MD5 checksum:   215844 579d0e6079f28507f1ec9cb04e480eb1
      Size/MD5 checksum:  1918820 4fe546d4d46cd60886b632454051305f
      Size/MD5 checksum:   754974 33465a944d5f074d8360c6636e59a21c

  Motorola 680x0 architecture:
      Size/MD5 checksum:    63104 97a7ac89fa92969b337c9faac65a396f
      Size/MD5 checksum:    82360 622b8f56215e11e8d8560a046ae6727d
      Size/MD5 checksum:   172070 6c83f54353a1f6e4ab930534ff1d4e3f
      Size/MD5 checksum:  1747054 ed7fb0f971840a7fa830bf8398a4d14e
      Size/MD5 checksum:   549178 af67d5db8fe060084f216816d5317349

  Big endian MIPS architecture:
      Size/MD5 checksum:    71252 ec1e7143d9bee2bbbe0c51c74565539a
      Size/MD5 checksum:    96432 63ea165d5ced9a86f03f401ddd82bdec
      Size/MD5 checksum:   182296 7f14e28ef4cb9dc8ee4a81379a41ba43
      Size/MD5 checksum:  1740550 80ceff7b9ad86b6a271a75f02b7fc156
      Size/MD5 checksum:   690306 d1fcfcfb94ed45c1cc1738f650ea7791

  Little endian MIPS architecture:
      Size/MD5 checksum:    71024 7525d0c425e5039e9057f8ba7b33887a
      Size/MD5 checksum:    96224 5659381cf1d060a6e941fa966b0a0ee9
      Size/MD5 checksum:   182322 416d63e7910ac76318b044ec1822f7a5
      Size/MD5 checksum:  1707922 1d802562db371b06b85fb9377c243b9c
      Size/MD5 checksum:   690470 b2641844353f0e774878ed2584f3377b

  PowerPC architecture:
      Size/MD5 checksum:    67354 cea40c452a90042c183d548374e3d3ab
      Size/MD5 checksum:    89190 8ba071acfbd7ce9a91547506c9f2032d
      Size/MD5 checksum:   190122 2ed378aced84f062d25341ea402fe432
      Size/MD5 checksum:  1833820 9e552d28447baff88a9513224872df4c
      Size/MD5 checksum:   659124 bd3a42e7f529ffe0ba2c14db79d4c5e9

  IBM S/390 architecture:
      Size/MD5 checksum:    68148 c092242782dc253a48bed75e64d89f73
      Size/MD5 checksum:    90736 4f1a07b555e2b45c2010f906cc5643b8
      Size/MD5 checksum:   185080 31f46df36b184835aa7dfa690f0e5acf
      Size/MD5 checksum:  1774464 73c0f603bccf160742f195eceda8cdaa
      Size/MD5 checksum:   630076 51fb890370a4ac20cc624bd098f47a1f

  Sun Sparc architecture:
      Size/MD5 checksum:    83524 3a4ecbbec28bdbece90059b279cf0b79
      Size/MD5 checksum:    96442 22cd660e75d55fdacdd8f3f496018e86
      Size/MD5 checksum:   184178 8ed0238017accfbf049df22ba8caf7e0
      Size/MD5 checksum:  1793314 4ef681fc1a92aad509ed6b7697ea5ac3
      Size/MD5 checksum:   633264 70f1164d9d170954a31142e3aef49f61

  These files will probably be moved into the stable distribution on
  its next revision.

For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
Package info: `apt-cache show ' and

LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"47","type":"x","order":"1","pct":79.66,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"7","type":"x","order":"2","pct":11.86,"resources":[]},{"id":"181","title":"Hardly ever","votes":"5","type":"x","order":"3","pct":8.47,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.



bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.