Package: slapd
Severity: grave
Tags: security
Justification: user security hole
A vulnerability has been found in openldap:
Evgeny Legerov has reported a vulnerability in OpenLDAP, which can be exploited
by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to
--On Wednesday, November 08, 2006 10:53 PM +0100 Stefan Fritsch
[EMAIL PROTECTED] wrote:
Can you supply actual details? This statement isn't very useful
without them.
Ups. Of course:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5779
http://secunia.com/advisories/22750
Proof of
--On Wednesday, November 08, 2006 9:40 PM +0100 Stefan Fritsch
[EMAIL PROTECTED] wrote:
Package: slapd
Severity: grave
Tags: security
Justification: user security hole
A vulnerability has been found in openldap:
Evgeny Legerov has reported a vulnerability in OpenLDAP, which can be
Can you supply actual details? This statement isn't very useful
without them.
Ups. Of course:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5779
http://secunia.com/advisories/22750
Proof of concept exploit (not tested) is at
http://gleg.net/vulndisco_meta.shtml
--
To UNSUBSCRIBE,
--On Wednesday, November 08, 2006 1:56 PM -0800 Quanah Gibson-Mount
[EMAIL PROTECTED] wrote:
--On Wednesday, November 08, 2006 10:53 PM +0100 Stefan Fritsch
[EMAIL PROTECTED] wrote:
Can you supply actual details? This statement isn't very useful
without them.
Ups. Of course:
--On Wednesday, November 08, 2006 3:02 PM -0800 Quanah Gibson-Mount
[EMAIL PROTECTED] wrote:
Upstream patch available at:
http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/getdn.c
getdn.c 1.124.2.4 - 1.124.2.5
Just to note, this bug can be brute-forced via any existing SASL
--On Wednesday, November 08, 2006 3:45 PM -0800 Quanah Gibson-Mount
[EMAIL PROTECTED] wrote:
--On Wednesday, November 08, 2006 3:02 PM -0800 Quanah Gibson-Mount
[EMAIL PROTECTED] wrote:
Upstream patch available at:
http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/getdn.c
Quanah Gibson-Mount wrote:
--On Wednesday, November 08, 2006 3:45 PM -0800 Quanah Gibson-Mount
[EMAIL PROTECTED] wrote:
--On Wednesday, November 08, 2006 3:02 PM -0800 Quanah Gibson-Mount
[EMAIL PROTECTED] wrote:
Upstream patch available at:
8 matches
Mail list logo