Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Scientific Linux SL5: SLSA-2014:0206-1 Moderate: OpenLDAP Denial Of Service

Scientific Large Esm H446
Moderate: openldap security update
Date: Mon, 24 Feb 2014 22:08:56 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Moderate: openldap on SL5.x i386/x86_64
MIME-Version: 1.0

Synopsis: Moderate: openldap security update
Advisory ID: SLSA-2014:0206-1
Issue Date: 2014-02-24
CVE Numbers: CVE-2013-4449
--

A denial of service flaw was found in the way the OpenLDAP server daemon
(slapd) performed reference counting when using the rwm (rewrite/remap)
overlay. A remote attacker able to query the OpenLDAP server could use
this flaw to crash the server by immediately unbinding from the server
after sending a search request. (CVE-2013-4449)
--

SL5
 x86_64
 compat-openldap-2.3.43_2.2.29-27.el5_10.i386.rpm
 compat-openldap-2.3.43_2.2.29-27.el5_10.x86_64.rpm
 openldap-2.3.43-27.el5_10.i386.rpm
 openldap-2.3.43-27.el5_10.x86_64.rpm
 openldap-clients-2.3.43-27.el5_10.x86_64.rpm
 openldap-debuginfo-2.3.43-27.el5_10.i386.rpm
 openldap-debuginfo-2.3.43-27.el5_10.x86_64.rpm
 openldap-devel-2.3.43-27.el5_10.i386.rpm
 openldap-devel-2.3.43-27.el5_10.x86_64.rpm
 openldap-servers-2.3.43-27.el5_10.x86_64.rpm
 openldap-servers-overlays-2.3.43-27.el5_10.x86_64.rpm
 openldap-servers-sql-2.3.43-27.el5_10.x86_64.rpm
 i386
 compat-openldap-2.3.43_2.2.29-27.el5_10.i386.rpm
 openldap-2.3.43-27.el5_10.i386.rpm
 openldap-clients-2.3.43-27.el5_10.i386.rpm
 openldap-debuginfo-2.3.43-27.el5_10.i386.rpm
 openldap-devel-2.3.43-27.el5_10.i386.rpm
 openldap-servers-2.3.43-27.el5_10.i386.rpm
 openldap-servers-overlays-2.3.43-27.el5_10.i386.rpm
 openldap-servers-sql-2.3.43-27.el5_10.i386.rpm

- Scientific Linux Development Team