rPSA-2006-0099-1 openldap openldap-clients openldap-servers

To: security-announce@xxxxxxxxxxxxxxx, update-announce@xxxxxxxxxxxxxxx
Subject: rPSA-2006-0099-1 openldap openldap-clients openldap-servers
From: "Justin M. Forbes" <jmforbes@xxxxxxxxx>
Date: Fri, 09 Jun 2006 16:54:51 -0400
Cc: full-disclosure@xxxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx, lwn@xxxxxxx
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
User-agent: nail 11.22 3/20/05

rPath Security Advisory: 2006-0099-1
Published: 2006-06-09
Products: rPath Linux 1
Rating: Minor
Exposure Level Classification:
    Weakness
Updated Versions:
    openldap=/conary.rpath.com@rpl:devel//1/2.2.26-8.3-1
    openldap-clients=/conary.rpath.com@rpl:devel//1/2.2.26-8.3-1
    openldap-servers=/conary.rpath.com@rpl:devel//1/2.2.26-8.3-1

References:
    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2754
    http://issues.rpath.com/browse/RPL-423
    http://secunia.com/advisories/20126

Description:
    Previous versions of the openldap server have a weakness reading
    the openldap status file.  This weakness may result in some
    vulnerability, which may include denial of service or remote
    privilege escalation when an openldap service is exposed.

Prev by Date: CORE-2006-0330: Asterisk PBX truncated video frame vulnerability
Next by Date: [SECURITY] [DSA 1095-1] New freetype packages fix several vulnerabilities
Previous by thread: CORE-2006-0330: Asterisk PBX truncated video frame vulnerability
Next by thread: [SECURITY] [DSA 1095-1] New freetype packages fix several vulnerabilities
Index(es):
- Date
- Thread