Joined: 12 May 2004
|Posted: Tue Nov 28, 2006 9:26 pm Post subject: [ GLSA 200611-25 ] OpenLDAP: Denial of Service vulnerability
|Gentoo Linux Security Advisory
Title: OpenLDAP: Denial of Service vulnerability (GLSA 200611-25)
Date: November 28, 2006
A flaw in OpenLDAP allows remote unauthenticated attackers to cause a Denial of Service.
OpenLDAP is a suite of LDAP-related applications and development tools.
Vulnerable: < 2.3.27-r3
Unaffected: >= 2.3.27-r3
Unaffected: >= 2.2.28-r5 < 2.2.29
Unaffected: >= 2.1.30-r8 < 2.1.31
Architectures: All supported architectures
Evgeny Legerov has discovered that the truncation of an incoming authcid longer than 255 characters and ending with a space as the 255th character will lead to an improperly computed name length. This will trigger an assert in the libldap code.
By sending a BIND request with a specially crafted authcid parameter to an OpenLDAP service, a remote attacker can cause the service to crash.
There is no known workaround at this time.
All OpenLDAP users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose "net-nds/openldap"