ID CVE-2009-3767
Summary libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
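The flaw in the summary above is a length-versus-terminator mismatch: an X.509 Common Name is a DER string with an explicit length and may legally contain a 0x00 byte, but a hostname check written with C string functions stops at the first NUL. A CA that validates the whole CN sees a name under a domain the attacker owns and issues the certificate; the client then compares only the prefix in front of the NUL and accepts it for the victim's hostname. The following is an added example, not code from OpenLDAP's tls_o.c or from any of the advisories on this page. It models that check without linking OpenSSL: the asn1_str type stands in for OpenSSL's ASN1_STRING, the two certificate names are constructed sample data, and the hardened variant mirrors the shape of the fix (compare the DER length with the C-string length and refuse to match when they differ) rather than reproducing the upstream patch.

```c
/* Added example, not code from OpenLDAP's libraries/libldap/tls_o.c.
 * Models the Common Name (CN) hostname check broken by CVE-2009-3767
 * without linking OpenSSL: a DER string carries an explicit length, so a
 * certificate CN may contain an embedded NUL byte, but the C string
 * functions used to compare it stop at the first NUL. asn1_str stands in
 * for OpenSSL's ASN1_STRING; the hostnames below are constructed data. */
#include <stdio.h>
#include <string.h>
#include <strings.h>   /* strcasecmp, strncasecmp (POSIX) */

typedef struct {
    const unsigned char *data;  /* CN bytes; kept NUL-terminated here, as OpenSSL does */
    int length;                 /* DER length, which does NOT stop at an embedded NUL */
} asn1_str;

/* Constructed inputs. The CN the CA actually signed is
 * "www.example.com\0.evil.test" (26 bytes). A CA validating the whole string
 * sees a name under evil.test, a domain the attacker controls. */
static const unsigned char crafted_cn[] = "www.example.com\0.evil.test";
static const asn1_str crafted = { crafted_cn, (int)sizeof(crafted_cn) - 1 };

static const unsigned char honest_cn[] = "www.example.com";
static const asn1_str honest = { honest_cn, (int)sizeof(honest_cn) - 1 };

/* Vulnerable shape: treat the CN bytes as a C string. strcasecmp stops at
 * the embedded NUL, so the crafted CN compares equal to "www.example.com". */
int cn_matches_vulnerable(const asn1_str *cn, const char *host)
{
    return strcasecmp((const char *)cn->data, host) == 0;
}

/* Hardened shape, mirroring the fix: if the DER length disagrees with the
 * C-string length there is an embedded NUL, so refuse to match at all.
 * Only then compare, and over the full DER length. */
int cn_matches_hardened(const asn1_str *cn, const char *host)
{
    size_t cstr_len = strlen((const char *)cn->data);   /* stops at first NUL */
    if (cn->length < 0 || (size_t)cn->length != cstr_len)
        return 0;                       /* embedded NUL: reject outright */
    if (strlen(host) != cstr_len)
        return 0;                       /* different lengths cannot match */
    return strncasecmp((const char *)cn->data, host, cstr_len) == 0;
}

int main(void)
{
    const char *host = "www.example.com";
    printf("crafted CN, vulnerable check: %s\n",
           cn_matches_vulnerable(&crafted, host) ? "ACCEPTED (spoofed)" : "rejected");
    printf("crafted CN, hardened check:   %s\n",
           cn_matches_hardened(&crafted, host) ? "accepted" : "REJECTED");
    printf("honest CN,  hardened check:   %s\n",
           cn_matches_hardened(&honest, host) ? "accepted" : "rejected");
    return 0;
}
```

Rejecting rather than truncating is the right policy: no legitimate hostname contains a NUL, so a CN whose DER length and C-string length disagree is either malformed or crafted, and either way the TLS handshake should fail.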
Vulnerable Configurations
  • OpenLDAP OpenLDAP
    cpe:2.3:a:openldap:openldap
  • OpenSSL Project OpenSSL
    cpe:2.3:a:openssl:openssl
CVSS
Base: 6.8 (as of 26-10-2009 - 11:34)
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
  Vector    Complexity    Authentication
  NETWORK   MEDIUM        NONE
Impact
  Confidentiality    Integrity    Availability
  PARTIAL            PARTIAL      PARTIAL
nessus via4
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20100330_OPENLDAP_ON_SL5_X.NASL
    description A flaw was found in the way OpenLDAP handled NUL characters in the CommonName field of X.509 certificates. An attacker able to get a carefully-crafted certificate signed by a trusted Certificate Authority could trick applications using OpenLDAP libraries into accepting it by mistake, allowing the attacker to perform a man-in-the-middle attack. (CVE-2009-3767) This update also fixes the following bugs :
      - the ldap init script did not provide a way to alter system limits for the slapd daemon. A variable is now available in '/etc/sysconfig/ldap' for this option. (BZ#527313)
      - applications that use the OpenLDAP libraries to contact a Microsoft Active Directory server could crash when a large number of network interfaces existed. This update implements locks in the OpenLDAP library code to resolve this issue. (BZ#510522)
      - when slapd was configured to allow client certificates, approximately 90% of connections froze because of a large CA certificate file and slapd not checking the success of the SSL handshake. (BZ#509230)
      - the OpenLDAP server would freeze for unknown reasons under high load. These packages add support for accepting incoming connections by new threads, resolving the issue. (BZ#507276)
      - the compat-openldap libraries did not list dependencies on other libraries, causing programs that did not specifically specify the libraries to fail. Detection of the Application Binary Interface (ABI) in use on 64-bit systems has been added with this update. (BZ#503734)
      - the OpenLDAP libraries caused applications to crash due to an unprocessed network timeout. A timeval of -1 is now passed when NULL is passed to LDAP. (BZ#495701)
      - slapd could crash on a server under heavy load when using rwm overlay, caused by freeing non-allocated memory during operation cleanup. (BZ#495628)
      - the ldap init script made a temporary script in '/tmp/' and attempted to execute it. Problems arose when '/tmp/' was mounted with the noexec option. The temporary script is no longer created. (BZ#483356)
      - the ldap init script always started slapd listening on ldap:/// even if instructed to listen only on ldaps:///. By correcting the init script, a user can now select which ports slapd should listen on. (BZ#481003)
      - the slapd manual page did not mention the supported options -V and -o. (BZ#468206)
      - slapd.conf had a commented-out option to load the syncprov.la module. Once un-commented, slapd crashed at start-up because the module had already been statically linked to OpenLDAP. This update removes 'moduleload syncprov.la' from slapd.conf, which resolves this issue. (BZ#466937)
      - the migrate_automount.pl script produced output that was unsupported by autofs. This is corrected by updating the output LDIF format for automount records. (BZ#460331)
      - the ldap init script uses the TERM signal followed by the KILL signal when shutting down slapd. Minimal delay between the two signals could cause the LDAP database to become corrupted if it had not finished saving its state. A delay between the signals has been added via the 'STOP_DELAY' option in '/etc/sysconfig/ldap'. (BZ#452064)
      - the migrate_passwd.pl migration script had a problem when number fields contained only a zero. Such fields were considered to be empty, leading to the attribute not being set in the LDIF output. The condition in dump_shadow_attributes has been corrected to allow for the attributes to contain only a zero. (BZ#113857)
      - the migrate_base.pl migration script did not handle third level domains correctly, creating a second level domain that could not be held by a database with a three level base. This is now allowed by modifying the migrate_base.pl script to generate only one domain. (BZ#104585)
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60771
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60771
    title Scientific Linux Security Update : openldap on SL5.x i386/x86_64
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2010-0015_REMOTE.NASL
    description The remote VMware ESX host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several third-party components and libraries : - Berkeley DB NSS module - cURL / libcURL - GnuTLS - Network Security Services (NSS) Library - OpenLDAP - OpenSSL - OpenSSL Kerberos - sudo
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 89742
    published 2016-03-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89742
    title VMware ESX Multiple Vulnerabilities (VMSA-2010-0015) (remote check)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2010-0198.NASL
    description Updated openldap packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. A flaw was found in the way OpenLDAP handled NUL characters in the CommonName field of X.509 certificates. An attacker able to get a carefully-crafted certificate signed by a trusted Certificate Authority could trick applications using OpenLDAP libraries into accepting it by mistake, allowing the attacker to perform a man-in-the-middle attack. (CVE-2009-3767) This update also fixes the following bugs :
      * the ldap init script did not provide a way to alter system limits for the slapd daemon. A variable is now available in '/etc/sysconfig/ldap' for this option. (BZ#527313)
      * applications that use the OpenLDAP libraries to contact a Microsoft Active Directory server could crash when a large number of network interfaces existed. This update implements locks in the OpenLDAP library code to resolve this issue. (BZ#510522)
      * when slapd was configured to allow client certificates, approximately 90% of connections froze because of a large CA certificate file and slapd not checking the success of the SSL handshake. (BZ#509230)
      * the OpenLDAP server would freeze for unknown reasons under high load. These packages add support for accepting incoming connections by new threads, resolving the issue. (BZ#507276)
      * the compat-openldap libraries did not list dependencies on other libraries, causing programs that did not specifically specify the libraries to fail. Detection of the Application Binary Interface (ABI) in use on 64-bit systems has been added with this update. (BZ#503734)
      * the OpenLDAP libraries caused applications to crash due to an unprocessed network timeout. A timeval of -1 is now passed when NULL is passed to LDAP. (BZ#495701)
      * slapd could crash on a server under heavy load when using rwm overlay, caused by freeing non-allocated memory during operation cleanup. (BZ#495628)
      * the ldap init script made a temporary script in '/tmp/' and attempted to execute it. Problems arose when '/tmp/' was mounted with the noexec option. The temporary script is no longer created. (BZ#483356)
      * the ldap init script always started slapd listening on ldap:/// even if instructed to listen only on ldaps:///. By correcting the init script, a user can now select which ports slapd should listen on. (BZ#481003)
      * the slapd manual page did not mention the supported options -V and -o. (BZ#468206)
      * slapd.conf had a commented-out option to load the syncprov.la module. Once un-commented, slapd crashed at start-up because the module had already been statically linked to OpenLDAP. This update removes 'moduleload syncprov.la' from slapd.conf, which resolves this issue. (BZ#466937)
      * the migrate_automount.pl script produced output that was unsupported by autofs. This is corrected by updating the output LDIF format for automount records. (BZ#460331)
      * the ldap init script uses the TERM signal followed by the KILL signal when shutting down slapd. Minimal delay between the two signals could cause the LDAP database to become corrupted if it had not finished saving its state. A delay between the signals has been added via the 'STOP_DELAY' option in '/etc/sysconfig/ldap'. (BZ#452064)
      * the migrate_passwd.pl migration script had a problem when number fields contained only a zero. Such fields were considered to be empty, leading to the attribute not being set in the LDIF output. The condition in dump_shadow_attributes has been corrected to allow for the attributes to contain only a zero. (BZ#113857)
      * the migrate_base.pl migration script did not handle third level domains correctly, creating a second level domain that could not be held by a database with a three level base. This is now allowed by modifying the migrate_base.pl script to generate only one domain. (BZ#104585)
    Users of OpenLDAP should upgrade to these updated packages, which resolve these issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 46284
    published 2010-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46284
    title RHEL 5 : openldap (RHSA-2010:0198)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201406-36.NASL
    description The remote host is affected by the vulnerability described in GLSA-201406-36 (OpenLDAP: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in OpenLDAP. Please review the CVE identifiers referenced below for details. Impact : A remote attacker might employ a specially crafted certificate to conduct man-in-the-middle attacks on SSL connections made using OpenLDAP, bypass security restrictions or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 76331
    published 2014-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76331
    title GLSA-201406-36 : OpenLDAP: Multiple vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2010-0543.NASL
    description Updated openldap packages that fix two security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. An uninitialized pointer use flaw was discovered in the way the slapd daemon handled modify relative distinguished name (modrdn) requests. An authenticated user with privileges to perform modrdn operations could use this flaw to crash the slapd daemon via specially crafted modrdn requests. (CVE-2010-0211) Red Hat would like to thank CERT-FI for responsibly reporting the CVE-2010-0211 flaw, who credit Ilkka Mattila and Tuomas Salomaki for the discovery of the issue. A flaw was found in the way OpenLDAP handled NUL characters in the CommonName field of X.509 certificates. An attacker able to get a carefully-crafted certificate signed by a trusted Certificate Authority could trick applications using OpenLDAP libraries into accepting it by mistake, allowing the attacker to perform a man-in-the-middle attack. (CVE-2009-3767) Users of OpenLDAP should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing this update, the OpenLDAP daemons will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 47878
    published 2010-07-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47878
    title RHEL 4 : openldap (RHSA-2010:0543)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-0752.NASL
    description Fixed security issue CVE-2009-3767, F12 and 13 already contain the fix, since it has been fixed in openldap-2.4.18 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 47195
    published 2010-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47195
    title Fedora 11 : openldap-2.4.15-7.fc11 (2010-0752)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2010-0543.NASL
    description From Red Hat Security Advisory 2010:0543 : Updated openldap packages that fix two security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. An uninitialized pointer use flaw was discovered in the way the slapd daemon handled modify relative distinguished name (modrdn) requests. An authenticated user with privileges to perform modrdn operations could use this flaw to crash the slapd daemon via specially crafted modrdn requests. (CVE-2010-0211) Red Hat would like to thank CERT-FI for responsibly reporting the CVE-2010-0211 flaw, who credit Ilkka Mattila and Tuomas Salomaki for the discovery of the issue. A flaw was found in the way OpenLDAP handled NUL characters in the CommonName field of X.509 certificates. An attacker able to get a carefully-crafted certificate signed by a trusted Certificate Authority could trick applications using OpenLDAP libraries into accepting it by mistake, allowing the attacker to perform a man-in-the-middle attack. (CVE-2009-3767) Users of OpenLDAP should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing this update, the OpenLDAP daemons will be restarted automatically.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68065
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68065
    title Oracle Linux 4 : openldap (ELSA-2010-0543)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1943.NASL
    description It was discovered that OpenLDAP, a free implementation of the Lightweight Directory Access Protocol, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 44808
    published 2010-02-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44808
    title Debian DSA-1943-1 : openldap openldap2.3 - insufficient input validation
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_ABAD20BFC1B411E3A5AC001B21614864.NASL
    description Jan Lieskovsky reports : OpenLDAP does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 73552
    published 2014-04-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73552
    title FreeBSD : OpenLDAP -- incorrect handling of NULL in certificate Common Name (abad20bf-c1b4-11e3-a5ac-001b21614864)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2010-0543.NASL
    description Updated openldap packages that fix two security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. An uninitialized pointer use flaw was discovered in the way the slapd daemon handled modify relative distinguished name (modrdn) requests. An authenticated user with privileges to perform modrdn operations could use this flaw to crash the slapd daemon via specially crafted modrdn requests. (CVE-2010-0211) Red Hat would like to thank CERT-FI for responsibly reporting the CVE-2010-0211 flaw, who credit Ilkka Mattila and Tuomas Salomaki for the discovery of the issue. A flaw was found in the way OpenLDAP handled NUL characters in the CommonName field of X.509 certificates. An attacker able to get a carefully-crafted certificate signed by a trusted Certificate Authority could trick applications using OpenLDAP libraries into accepting it by mistake, allowing the attacker to perform a man-in-the-middle attack. (CVE-2009-3767) Users of OpenLDAP should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing this update, the OpenLDAP daemons will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 47790
    published 2010-07-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47790
    title CentOS 4 : openldap (CESA-2010:0543)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-858-1.NASL
    description It was discovered that OpenLDAP did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 42795
    published 2009-11-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=42795
    title Ubuntu 6.06 LTS : openldap2.2 vulnerability (USN-858-1)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2010-026.NASL
    description A vulnerability was discovered and corrected in openldap : libraries/libldap/tls_o.c in OpenLDAP, when OpenSSL is used, does not properly handle a '\0' (NUL) character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408 (CVE-2009-3767). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 44321
    published 2010-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44321
    title Mandriva Linux Security Advisory : openldap (MDVSA-2010:026)
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2010-0015.NASL
    description a. Service Console update for NSS_db The service console package NSS_db is updated to version nss_db-2.2-35.4.el5_5. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-0826 to this issue. b. Service Console update for OpenLDAP The service console package OpenLDAP updated to version 2.3.43-12.el5. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-3767 to this issue. c. Service Console update for cURL The service console packages for cURL updated to version 7.15.5-9.el5. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-0734 to this issue. d. Service Console update for sudo The service console package sudo updated to version 1.7.2p1-7.el5_5. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-1646 to this issue. e. Service Console update for OpenSSL, GnuTLS, NSS and NSPR Service Console updates for OpenSSL to version 097a-0.9.7a-9.el5_4.2 and version 0.9.8e-12.el5_4.6, GnuTLS to version 1.4.1-3.el5_4.8, and NSS to version 3.12.6-1.3235.vmw and NSPR to version 4.8.4-1.3235.vmw. These four updates are bundled together due to their mutual dependencies. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-3555, CVE-2009-2409, CVE-2009-3245 and CVE-2010-0433 to the issues addressed in this update.
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 49703
    published 2010-10-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=49703
    title VMSA-2010-0015 : VMware ESX third-party updates for Service Console
oval via4
  • accepted 2013-04-29T04:12:05.615-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
    family unix
    id oval:org.mitre.oval:def:11178
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
    version 18
  • accepted 2014-01-20T04:01:33.548-05:00
    class vulnerability
    contributors
    • name Varun
      organization Hewlett-Packard
    • name Chris Coffin
      organization The MITRE Corporation
    definition_extensions
    • comment VMware ESX Server 4.0 is installed
      oval oval:org.mitre.oval:def:6293
    description libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
    family unix
    id oval:org.mitre.oval:def:7274
    status accepted
    submitted 2010-10-04T11:07:15.000-05:00
    title VMware ESX, Service Console update for OpenLDAP.
    version 7
redhat via4
advisories
  • bugzilla
    id 562714
    title openldap init script does not handle listen uris properly
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment compat-openldap is earlier than 0:2.3.43_2.2.29-12.el5
          oval oval:com.redhat.rhsa:tst:20100198014
        • comment compat-openldap is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20071037011
      • AND
        • comment openldap is earlier than 0:2.3.43-12.el5
          oval oval:com.redhat.rhsa:tst:20100198002
        • comment openldap is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20071037003
      • AND
        • comment openldap-clients is earlier than 0:2.3.43-12.el5
          oval oval:com.redhat.rhsa:tst:20100198004
        • comment openldap-clients is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20071037005
      • AND
        • comment openldap-devel is earlier than 0:2.3.43-12.el5
          oval oval:com.redhat.rhsa:tst:20100198010
        • comment openldap-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20071037009
      • AND
        • comment openldap-servers is earlier than 0:2.3.43-12.el5
          oval oval:com.redhat.rhsa:tst:20100198008
        • comment openldap-servers is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20071037007
      • AND
        • comment openldap-servers-overlays is earlier than 0:2.3.43-12.el5
          oval oval:com.redhat.rhsa:tst:20100198012
        • comment openldap-servers-overlays is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100198013
      • AND
        • comment openldap-servers-sql is earlier than 0:2.3.43-12.el5
          oval oval:com.redhat.rhsa:tst:20100198006
        • comment openldap-servers-sql is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20071037013
    rhsa
    id RHSA-2010:0198
    released 2010-03-30
    severity Moderate
    title RHSA-2010:0198: openldap security and bug fix update (Moderate)
  • rhsa
    id RHSA-2010:0543
  • rhsa
    id RHSA-2011:0896
rpms
  • compat-openldap-0:2.3.43_2.2.29-12.el5
  • openldap-0:2.3.43-12.el5
  • openldap-clients-0:2.3.43-12.el5
  • openldap-devel-0:2.3.43-12.el5
  • openldap-servers-0:2.3.43-12.el5
  • openldap-servers-overlays-0:2.3.43-12.el5
  • openldap-servers-sql-0:2.3.43-12.el5
  • compat-openldap-0:2.1.30-12.el4_8.3
  • openldap-0:2.2.13-12.el4_8.3
  • openldap-clients-0:2.2.13-12.el4_8.3
  • openldap-devel-0:2.2.13-12.el4_8.3
  • openldap-servers-0:2.2.13-12.el4_8.3
  • openldap-servers-sql-0:2.2.13-12.el4_8.3
refmap via4
apple APPLE-SA-2009-11-09-1
fedora FEDORA-2010-0752
gentoo GLSA-201406-36
mlist
  • [oss-security] 20090903 More CVE-2009-2408 like issues
  • [oss-security] 20090923 Re: More CVE-2009-2408 like issues
secunia
  • 38769
  • 40677
suse SUSE-SR:2009:016
vupen
  • ADV-2009-3056
  • ADV-2010-1858
statements via4
  • contributor
    lastmodified 2009-10-30
    organization OpenLDAP
    statement OpenLDAP reported this issue and published a patch for it on 2009-07-30. The patch was included in OpenLDAP 2.4.18, which was released on 2009-09-06. The current release of OpenLDAP is available from the following location: http://www.openldap.org/software/download/
  • contributor Tomas Hoger
    lastmodified 2010-07-20
    organization Red Hat
    statement Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3767 This issue was addressed in the openldap packages as shipped with Red Hat Enterprise Linux 5 and 4 via: https://rhn.redhat.com/errata/RHSA-2010-0198.html and https://rhn.redhat.com/errata/RHSA-2010-0543.html respectively. The Red Hat Security Response Team has rated this issue as having moderate security impact; a future openldap update may address this flaw in Red Hat Enterprise Linux 3.
Last major update 06-01-2017 - 21:59
Published 23-10-2009 - 15:30
Last modified 18-09-2017 - 21:29