Rapid7 Vulnerability & Exploit Database

RHSA-2001:098: Updated OpenLDAP packages available for Red Hat Linux 6.2, 7, and 7.1

Back to Search

RHSA-2001:098: Updated OpenLDAP packages available for Red Hat Linux 6.2, 7, and 7.1

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
07/16/2001
Created
07/25/2018
Added
10/28/2005
Modified
07/04/2017

Description

Updated openldap packages are now available for Red Hat Linux 6.2, 7, and 7.1. These packages include fixes for problems which could allow a malicious remote user to crash a server.

When subjected to the PROTOS LDAPv3 test suite, versions of OpenLDAP 1.2 through 1.2.11 and 2.0 through 2.0.7 were found to have vulnerabilities which could be exploited by causing them to attempt to decode an improperly encoded request. These vulnerabilities were fixed in OpenLDAP 1.2.12 and 2.0.8.

Solution(s)

  • redhat-upgrade-openldap
  • redhat-upgrade-openldap-clients
  • redhat-upgrade-openldap-devel
  • redhat-upgrade-openldap-servers
  • redhat-upgrade-openldap12

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;