Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Debian Security Advisory DSA 068-1 (openldap)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update to openldap announced via advisory DSA 068-1.
Insight
Insight
CERT released their advisory CA-2001-18 which lists a number of vulnerabilities in various LDAP implementations. based on the results of the PROTOS LDAPv3 test suite. These tests found one problem in OpenLDAP, a free LDAP implementation that is shipped as part of Debian GNU/Linux 2.2. The problem is that slapd did not handle packets with an invalid BER length of length fields and would crash if it received those. An attacked can use this to mount a denial of service attack remotely. This problem has been fixed in version 1.2.11-1, and we recommend that you upgrade your slapd package immediately.
Solution
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20068-1