ID CVE-2006-4600
Summary slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN).
References
Vulnerable Configurations
  • cpe:2.3:a:openldap:openldap:2.0.20:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.0.20:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.0.21:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.0.21:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.0.22:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.0.22:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.0.23:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.0.23:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.0.24:*:*:*:*:*:*:*
    cpe:2.3:a:openldap:openldap:2.0.24:*:*:*:*:*:*:*
CVSS
Base: 2.3 (as of 17-10-2018 - 21:38)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
ADJACENT_NETWORK MEDIUM SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:A/AC:M/Au:S/C:N/I:P/A:N
oval via4
accepted 2013-04-29T04:20:44.642-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN).
family unix
id oval:org.mitre.oval:def:9618
status accepted
submitted 2010-07-09T03:56:16-04:00
title slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN).
version 29
redhat via4
advisories
  • bugzilla
    id 1618198
    title CVE-2006-4600 security flaw
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhba:tst:20070304025
      • OR
        • AND
          • comment compat-openldap is earlier than 0:2.1.30-7.4E
            oval oval:com.redhat.rhsa:tst:20070310001
          • comment compat-openldap is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070310002
        • AND
          • comment openldap is earlier than 0:2.2.13-7.4E
            oval oval:com.redhat.rhsa:tst:20070310003
          • comment openldap is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070310004
        • AND
          • comment openldap-clients is earlier than 0:2.2.13-7.4E
            oval oval:com.redhat.rhsa:tst:20070310005
          • comment openldap-clients is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070310006
        • AND
          • comment openldap-devel is earlier than 0:2.2.13-7.4E
            oval oval:com.redhat.rhsa:tst:20070310007
          • comment openldap-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070310008
        • AND
          • comment openldap-servers is earlier than 0:2.2.13-7.4E
            oval oval:com.redhat.rhsa:tst:20070310009
          • comment openldap-servers is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070310010
        • AND
          • comment openldap-servers-sql is earlier than 0:2.2.13-7.4E
            oval oval:com.redhat.rhsa:tst:20070310011
          • comment openldap-servers-sql is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070310012
    rhsa
    id RHSA-2007:0310
    released 2007-05-01
    severity Low
    title RHSA-2007:0310: openldap security update (Low)
  • rhsa
    id RHSA-2007:0430
rpms
  • compat-openldap-0:2.1.30-7.4E
  • openldap-0:2.2.13-7.4E
  • openldap-clients-0:2.2.13-7.4E
  • openldap-debuginfo-0:2.2.13-7.4E
  • openldap-devel-0:2.2.13-7.4E
  • openldap-servers-0:2.2.13-7.4E
  • openldap-servers-sql-0:2.2.13-7.4E
  • openldap-0:2.0.27-23
  • openldap-clients-0:2.0.27-23
  • openldap-debuginfo-0:2.0.27-23
  • openldap-devel-0:2.0.27-23
  • openldap-servers-0:2.0.27-23
refmap via4
bid 19832
bugtraq 20060929 rPSA-2006-0176-1 openldap openldap-clients openldap-servers
confirm
fulldisc 20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player
gentoo GLSA-200711-23
mandriva MDKSA-2006:171
misc http://www.openldap.org/its/index.cgi/Software%20Bugs?id=4587
mlist [openldap-announce] 20060801 OpenLDAP 2.3.25 available
sectrack 1016783
secunia
  • 21721
  • 22219
  • 22273
  • 22300
  • 25098
  • 25628
  • 25676
  • 25894
  • 26909
  • 27706
sgi 20070602-01-P
trustix 2006-0055
vupen
  • ADV-2007-2186
  • ADV-2007-3229
xf openldap-selfwrite-security-bypass(28772)
statements via4
contributor Mark J Cox
lastmodified 2007-09-05
organization Red Hat
statement Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=205826 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/ The risks associated with fixing this bug are greater than the low severity security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux 2.1 which is in maintenance mode.
Last major update 17-10-2018 - 21:38
Published 07-09-2006 - 00:04
Last modified 17-10-2018 - 21:38
Back to Top