Scientific Linux 5.x: CVE-2011-1024 Moderate: OpenLDAP Authentication Issue

Moderate: openldap security and bug fix update
Date: Fri, 11 Mar 2011 10:20:42 -0600
Reply-To: Troy Dawson 
Sender: Security Errata for Scientific Linux
 
From: Troy Dawson 
Subject: Security ERRATA Moderate: openldap on SL5.x i386/x86_64
 

Synopsis:	Moderate: openldap security and bug fix update
Issue date:	2011-03-10
CVE Names:	CVE-2011-1024

A flaw was found in the way OpenLDAP handled authentication failures
being passed from an OpenLDAP slave to the master. If OpenLDAP was
configured with a chain overlay and it forwarded authentication
failures, OpenLDAP would bind to the directory as an anonymous user and
return success, rather than returning the failure for the authenticated
bind. This could allow a user on a system that uses LDAP for
authentication to log into a directory-based account without knowing
the password. (CVE-2011-1024)
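The behaviour described above can be checked from the wire: send a simple bind with a password that is known to be wrong, and see whether the server answers invalidCredentials (49) or success (0); if it answers success, an RFC 4532 "Who am I?" request tells you whether the session is actually anonymous. What follows is an added example, not code from the errata, from Red Hat or from OpenLDAP. It hand-encodes the two LDAPv3 requests, parses the responses and classifies the result. Hostnames, DNs, the bogus password and the sample response bytes are constructed; run the live probe only against a directory you are authorized to test.

```python
"""Probe for the CVE-2011-1024 symptom: a simple bind with a wrong password that
the server answers with success (resultCode 0) instead of invalidCredentials (49),
after which an RFC 4532 "Who am I?" request reports an anonymous (empty) identity.
Added example, not from the errata or OpenLDAP; hosts, DNs and the sample response
bytes are constructed. Wire format per RFC 4511 / RFC 4532."""
import socket

BIND_REQUEST, BIND_RESPONSE = 0x60, 0x61          # [APPLICATION 0] / [APPLICATION 1]
EXTENDED_REQUEST, EXTENDED_RESPONSE = 0x77, 0x78  # [APPLICATION 23] / [APPLICATION 24]
WHOAMI_OID = b"1.3.6.1.4.1.4203.1.11.3"
SUCCESS, INVALID_CREDENTIALS = 0, 49

def ber_len(n):
    """BER definite length: one byte below 128, else 0x80|N followed by N length bytes."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag, payload):
    return bytes([tag]) + ber_len(len(payload)) + payload

def ber_int(value, tag=0x02):
    """Non-negative INTEGER/ENUMERATED; the extra byte keeps the sign bit clear."""
    return tlv(tag, value.to_bytes((value.bit_length() + 8) // 8, "big"))

def bind_request(msg_id, dn, password):
    """LDAPMessage { messageID, BindRequest { version 3, name, simple [0] password } }"""
    op = ber_int(3) + tlv(0x04, dn.encode()) + tlv(0x80, password.encode())
    return tlv(0x30, ber_int(msg_id) + tlv(BIND_REQUEST, op))

def whoami_request(msg_id):
    # LDAPMessage { messageID, ExtendedRequest { requestName [0] = Who am I? OID } }
    return tlv(0x30, ber_int(msg_id) + tlv(EXTENDED_REQUEST, tlv(0x80, WHOAMI_OID)))

def parse_tlv(buf, pos=0):
    """Return (tag, value, position after the element) for the TLV at buf[pos]."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def parse_result(buf):
    """Parse a BindResponse or ExtendedResponse into (msg_id, op_tag, result_code,
    authz_id); authz_id is the Who am I? responseValue [11] if present ("" = anonymous)."""
    _, msg, _ = parse_tlv(buf)
    _, id_bytes, pos = parse_tlv(msg)
    op_tag, op, _ = parse_tlv(msg, pos)
    _, code, pos = parse_tlv(op)              # resultCode ENUMERATED
    _, _, pos = parse_tlv(op, pos)            # matchedDN
    _, _, pos = parse_tlv(op, pos)            # diagnosticMessage
    authz_id = None
    while pos < len(op):                      # optional referral / responseName / responseValue
        tag, val, pos = parse_tlv(op, pos)
        if tag == 0x8B:
            authz_id = val.decode()
    return int.from_bytes(id_bytes, "big"), op_tag, int.from_bytes(code, "big"), authz_id

def classify(bind_code, authz_id):
    if bind_code == INVALID_CREDENTIALS:
        return "not-vulnerable"               # the right answer to a wrong password
    if bind_code != SUCCESS:
        return "other-result-%d" % bind_code
    # success yet anonymous is the CVE-2011-1024 symptom; a real identity means the password was right
    return "vulnerable" if not authz_id else "credentials-were-valid"

def recv_message(sock):
    """Read one BER-framed LDAPMessage: tag, length (short or long form), body."""
    def take(n):
        data = b""
        while len(data) < n:
            chunk = sock.recv(n - len(data))
            if not chunk:
                raise ConnectionError("peer closed the connection")
            data += chunk
        return data
    head = take(2)
    length = head[1]
    if length & 0x80:
        extra = take(length & 0x7F)
        head, length = head + extra, int.from_bytes(extra, "big")
    return head + take(length)

def probe(host, dn, port=389, bad_password="definitely-not-the-password"):
    """Live check against a slave running the chain overlay (needs network; not run offline)."""
    with socket.create_connection((host, port), timeout=5) as sock:
        sock.sendall(bind_request(1, dn, bad_password))
        _, _, bind_code, _ = parse_result(recv_message(sock))
        authz_id = None
        if bind_code == SUCCESS:              # only meaningful if the bogus bind "worked"
            sock.sendall(whoami_request(2))
            _, _, _, authz_id = parse_result(recv_message(sock))
    return classify(bind_code, authz_id)

# Constructed server answers for offline use: a patched and a vulnerable BindResponse,
# and an ExtendedResponse whose empty responseValue [11] means "anonymous".
PATCHED_BIND = bytes.fromhex("300c02010161070a013104000400")
VULNERABLE_BIND = bytes.fromhex("300c02010161070a010004000400")
ANONYMOUS_WHOAMI = bytes.fromhex("300e02010278090a0100040004008b00")
```

A patched slave answers the bogus bind with resultCode 49 and the probe stops there; on an affected slave with the chain overlay forwarding the failure, the bind comes back 0 and the Who am I? reply carries an empty authzId, which is the "anonymous but successful" state the advisory describes. The same two-message exchange is what `ldapwhoami -x -D <dn> -w <wrong>` does; the hand-rolled encoder is here so the bytes on the wire are visible.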

This update also fixes the following bug:

* Previously, multiple concurrent connections to an OpenLDAP server
could cause the slapd service to terminate unexpectedly with an
assertion error. This update adds mutexes so that multiple threads can
no longer access a connection structure concurrently, and the slapd
service no longer crashes. (BZ#677611)

After installing this update, the OpenLDAP daemons will be restarted
automatically.

SL 5.x

 SRPMS:
openldap-2.3.43-12.el5_6.7.src.rpm
 i386:
compat-openldap-2.3.43_2.2.29-12.el5_6.7.i386.rpm
openldap-2.3.43-12.el5_6.7.i386.rpm
openldap-clients-2.3.43-12.el5_6.7.i386.rpm
openldap-devel-2.3.43-12.el5_6.7.i386.rpm
openldap-servers-2.3.43-12.el5_6.7.i386.rpm
openldap-servers-overlays-2.3.43-12.el5_6.7.i386.rpm
openldap-servers-sql-2.3.43-12.el5_6.7.i386.rpm
 x86_64:
compat-openldap-2.3.43_2.2.29-12.el5_6.7.i386.rpm
compat-openldap-2.3.43_2.2.29-12.el5_6.7.x86_64.rpm
openldap-2.3.43-12.el5_6.7.i386.rpm
openldap-2.3.43-12.el5_6.7.x86_64.rpm
openldap-clients-2.3.43-12.el5_6.7.x86_64.rpm
openldap-devel-2.3.43-12.el5_6.7.i386.rpm
openldap-devel-2.3.43-12.el5_6.7.x86_64.rpm
openldap-servers-2.3.43-12.el5_6.7.x86_64.rpm
openldap-servers-overlays-2.3.43-12.el5_6.7.x86_64.rpm
openldap-servers-sql-2.3.43-12.el5_6.7.x86_64.rpm
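To tell whether a host already carries these builds, compare the installed NEVRAs against the list using rpm's own ordering rather than a plain string compare (which would, for instance, sort "12.el5_6.7" below "12.el5_6.10"). The following is an added example, not part of the errata and not rpm's own code: it re-implements rpm's version-segment comparison in Python and audits a constructed stand-in for `rpm -qa` output. Epoch 0 is an assumption, since the file names above carry no epoch.

```python
"""Audit installed OpenLDAP packages against the fixed builds in this errata using
rpm's EVR ordering. Added example, not from the errata or from rpm: rpmvercmp()
re-implements rpm's documented segment comparison (including the later '~' rule);
the installed list is a constructed stand-in for `rpm -qa` output, and epoch 0 is
assumed for every package because the file names above carry no epoch."""

FIXED_RELEASE = "12.el5_6.7"                 # release of every build in the list above
FIXED = {name: ("0", "2.3.43", FIXED_RELEASE) for name in (
    "openldap", "openldap-clients", "openldap-devel", "openldap-servers",
    "openldap-servers-overlays", "openldap-servers-sql")}
FIXED["compat-openldap"] = ("0", "2.3.43_2.2.29", FIXED_RELEASE)

def rpmvercmp(a, b):
    """-1/0/1 like rpm: split into runs of digits or letters, compare digits
    numerically and letters lexically; a numeric segment beats an alphabetic
    one; '~' sorts before anything, even the end of the string."""
    if a == b:
        return 0
    i = j = 0
    while i < len(a) or j < len(b):
        while i < len(a) and not (a[i].isalnum() or a[i] == "~"):
            i += 1                                  # separators carry no meaning
        while j < len(b) and not (b[j].isalnum() or b[j] == "~"):
            j += 1
        ta = i < len(a) and a[i] == "~"
        tb = j < len(b) and b[j] == "~"
        if ta or tb:
            if not ta:
                return 1
            if not tb:
                return -1
            i, j = i + 1, j + 1
            continue
        if i >= len(a) or j >= len(b):
            break
        numeric = a[i].isdigit()
        same_kind = str.isdigit if numeric else str.isalpha
        si, sj = i, j
        while i < len(a) and same_kind(a[i]):
            i += 1
        while j < len(b) and same_kind(b[j]):
            j += 1
        sa, sb = a[si:i], b[sj:j]
        if not sb:                                  # segment kinds differ: numeric is newer
            return 1 if numeric else -1
        if numeric:
            sa, sb = sa.lstrip("0"), sb.lstrip("0")
            if len(sa) != len(sb):
                return 1 if len(sa) > len(sb) else -1
        if sa != sb:
            return 1 if sa > sb else -1
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1                 # whoever has segments left is newer

def parse_nevra(nevra):
    """Split 'name-[epoch:]version-release.arch' (a trailing '.rpm' is allowed)."""
    if nevra.endswith(".rpm"):
        nevra = nevra[:-4]
    rest, arch = nevra.rsplit(".", 1)
    name, version, release = rest.rsplit("-", 2)
    epoch = "0"
    if ":" in version:
        epoch, version = version.split(":", 1)
    return name, epoch, version, release, arch

def evr_cmp(x, y):
    """Compare (epoch, version, release) tuples field by field."""
    for cx, cy in zip(x, y):
        r = rpmvercmp(cx, cy)
        if r:
            return r
    return 0

def is_fixed(installed):
    """True if at or past the errata build, False if older, None if not covered here."""
    name, epoch, version, release, _ = parse_nevra(installed)
    if name not in FIXED:
        return None
    return evr_cmp((epoch, version, release), FIXED[name]) >= 0

def audit(installed):
    """Return the installed packages this errata covers that are still too old."""
    return [p for p in installed if is_fixed(p) is False]

# Constructed stand-in for `rpm -qa 'openldap*' 'compat-openldap*'` on an SL 5 host.
SAMPLE_INSTALLED = [
    "openldap-2.3.43-12.el5_6.i386",                # older release: still vulnerable
    "openldap-servers-2.3.43-12.el5_6.7.i386",      # exactly the fixed build
    "openldap-clients-2.3.43-12.el5_5.3.i386",      # older release: still vulnerable
    "compat-openldap-2.3.43_2.2.29-12.el5_6.7.i386",
    "openssl-0.9.8e-12.el5_4.6.i386",               # constructed; not part of this errata
]
```

On a real host feed `rpm -qa 'openldap*' 'compat-openldap*'` into `audit()`; anything it returns is below the errata build and, for the server packages, still carries the chain-overlay bind flaw. Because the release is compared segment by segment, a later rebuild such as a hypothetical "12.el5_6.10" correctly counts as fixed, which a lexical compare would get wrong.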

-Connie Sieh
-Troy Dawson