ID CVE-2006-4600
Summary slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN).
References
Vulnerable Configurations
  • cpe:2.3:a:openldap:openldap:2.0.20:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.0.21:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.0.22:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.0.23:*:*:*:*:*:*:*
  • cpe:2.3:a:openldap:openldap:2.0.24:*:*:*:*:*:*:*
CVSS
Base: 2.3 (as of 17-10-2018 - 21:38)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
  • Vector: ADJACENT_NETWORK
  • Complexity: MEDIUM
  • Authentication: SINGLE
Impact
  • Confidentiality: NONE
  • Integrity: PARTIAL
  • Availability: NONE
cvss-vector via4 AV:A/AC:M/Au:S/C:N/I:P/A:N
oval via4
accepted 2013-04-29T04:20:44.642-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN).
family unix
id oval:org.mitre.oval:def:9618
status accepted
submitted 2010-07-09T03:56:16-04:00
title slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN).
version 23
redhat via4
advisories
  • bugzilla
    id 205826
    title CVE-2006-4600 openldap improper selfwrite access
    oval
    AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhba:tst:20070304001
    • OR
      • AND
        • comment compat-openldap is earlier than 0:2.1.30-7.4E
          oval oval:com.redhat.rhsa:tst:20070310012
        • comment compat-openldap is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070310013
      • AND
        • comment openldap is earlier than 0:2.2.13-7.4E
          oval oval:com.redhat.rhsa:tst:20070310002
        • comment openldap is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070310003
      • AND
        • comment openldap-clients is earlier than 0:2.2.13-7.4E
          oval oval:com.redhat.rhsa:tst:20070310006
        • comment openldap-clients is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070310007
      • AND
        • comment openldap-devel is earlier than 0:2.2.13-7.4E
          oval oval:com.redhat.rhsa:tst:20070310008
        • comment openldap-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070310009
      • AND
        • comment openldap-servers is earlier than 0:2.2.13-7.4E
          oval oval:com.redhat.rhsa:tst:20070310004
        • comment openldap-servers is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070310005
      • AND
        • comment openldap-servers-sql is earlier than 0:2.2.13-7.4E
          oval oval:com.redhat.rhsa:tst:20070310010
        • comment openldap-servers-sql is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070310011
    rhsa
    id RHSA-2007:0310
    released 2007-05-01
    severity Low
    title RHSA-2007:0310: openldap security update (Low)
  • bugzilla
    id 234222
    title CVE-2006-4600 openldap improper selfwrite access
    oval
    AND
    • comment Red Hat Enterprise Linux 3 is installed
      oval oval:com.redhat.rhba:tst:20070026001
    • OR
      • AND
        • comment openldap is earlier than 0:2.0.27-23
          oval oval:com.redhat.rhsa:tst:20070430002
        • comment openldap is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070310003
      • AND
        • comment openldap-clients is earlier than 0:2.0.27-23
          oval oval:com.redhat.rhsa:tst:20070430008
        • comment openldap-clients is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070310007
      • AND
        • comment openldap-devel is earlier than 0:2.0.27-23
          oval oval:com.redhat.rhsa:tst:20070430006
        • comment openldap-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070310009
      • AND
        • comment openldap-servers is earlier than 0:2.0.27-23
          oval oval:com.redhat.rhsa:tst:20070430004
        • comment openldap-servers is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070310005
    rhsa
    id RHSA-2007:0430
    released 2007-06-07
    severity Low
    title RHSA-2007:0430: openldap security and bug-fix update (Low)
rpms
  • compat-openldap-0:2.1.30-7.4E
  • openldap-0:2.2.13-7.4E
  • openldap-clients-0:2.2.13-7.4E
  • openldap-devel-0:2.2.13-7.4E
  • openldap-servers-0:2.2.13-7.4E
  • openldap-servers-sql-0:2.2.13-7.4E
  • openldap-0:2.0.27-23
  • openldap-clients-0:2.0.27-23
  • openldap-devel-0:2.0.27-23
  • openldap-servers-0:2.0.27-23
refmap via4
bid 19832
bugtraq 20060929 rPSA-2006-0176-1 openldap openldap-clients openldap-servers
confirm
fulldisc 20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player
gentoo GLSA-200711-23
mandriva MDKSA-2006:171
misc http://www.openldap.org/its/index.cgi/Software%20Bugs?id=4587
mlist [openldap-announce] 20060801 OpenLDAP 2.3.25 available
sectrack 1016783
secunia
  • 21721
  • 22219
  • 22273
  • 22300
  • 25098
  • 25628
  • 25676
  • 25894
  • 26909
  • 27706
sgi 20070602-01-P
trustix 2006-0055
vupen
  • ADV-2007-2186
  • ADV-2007-3229
xf openldap-selfwrite-security-bypass(28772)
statements via4
contributor Mark J Cox
lastmodified 2007-09-05
organization Red Hat
statement Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=205826. The Red Hat Security Response Team has rated this issue as having low security impact; a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/. The risks associated with fixing this bug are greater than the low severity security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux 2.1, which is in maintenance mode.
Last major update 17-10-2018 - 21:38
Published 07-09-2006 - 00:04