SB2011032003 - Multiple vulnerabilities in OpenLDAP
Published: March 20, 2011 Updated: August 11, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Resource management error (CVE-ID: CVE-2011-1081)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service (daemon crash) via a relative Distinguished Name (DN) modification request (aka MODRDN operation) that contains an empty value for the OldDN field.
2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2011-1024)
The vulnerability allows a remote #AU# to read and manipulate data.
chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server.
3) Improper Authentication (CVE-ID: CVE-2011-1025)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Distinguished Name (DN), which allows remote attackers to bypass intended access restrictions via an arbitrary password.
Remediation
Install update from vendor's website.
References
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- http://openwall.com/lists/oss-security/2011/02/28/1
- http://openwall.com/lists/oss-security/2011/02/28/2
- http://openwall.com/lists/oss-security/2011/03/01/11
- http://openwall.com/lists/oss-security/2011/03/01/15
- http://secunia.com/advisories/43331
- http://secunia.com/advisories/43718
- http://security.gentoo.org/glsa/glsa-201406-36.xml
- http://securitytracker.com/id?1025191
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:055
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:056
- http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/modrdn.c.diff?r1=1.170.2.8&r2=1.170.2.9
- http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6768
- http://www.openldap.org/lists/openldap-announce/201102/msg00000.html
- http://www.redhat.com/support/errata/RHSA-2011-0347.html
- http://www.ubuntu.com/usn/USN-1100-1
- http://www.vupen.com/english/advisories/2011/0665
- https://bugzilla.novell.com/show_bug.cgi?id=674985
- https://bugzilla.redhat.com/show_bug.cgi?id=680975
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66239
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735
- http://openwall.com/lists/oss-security/2011/02/24/12
- http://openwall.com/lists/oss-security/2011/02/25/13
- http://secunia.com/advisories/43708
- http://securitytracker.com/id?1025188
- http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-ldap/chain.c.diff?r1=1.76&r2=1.77&hideattic=1&sortbydate=0
- http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6607
- http://www.openldap.org/lists/openldap-technical/201004/msg00247.html
- http://www.redhat.com/support/errata/RHSA-2011-0346.html
- https://bugzilla.redhat.com/show_bug.cgi?id=680466
- http://securitytracker.com/id?1025190
- http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-ndb/bind.cpp.diff?r1=1.5&r2=1.8
- http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6661
- https://bugzilla.redhat.com/show_bug.cgi?id=680472