var-201509-0200
Vulnerability from variot
The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd. OpenLDAP is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008
OS X El Capitan 10.11.2 and Security Update 2015-008 is now available and addresses the following:
apache_mod_php Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Multiple vulnerabilities in PHP Description: Multiple vulnerabilities existed in PHP versions prior to 5.5.29, the most serious of which may have led to remote code execution. These were addressed by updating PHP to version 5.5.30. CVE-ID CVE-2015-7803 CVE-2015-7804
AppSandbox Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may maintain access to Contacts after having access revoked Description: An issue existed in the sandbox's handling of hard links. This issue was addressed through improved hardening of the app sandbox. CVE-ID CVE-2015-7001 : Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt
Bluetooth Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the Bluetooth HCI interface. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7108 : Ian Beer of Google Project Zero
CFNetwork HTTPProtocol Available for: OS X El Capitan v10.11 and v10.11.1 Impact: An attacker with a privileged network position may be able to bypass HSTS Description: An input validation issue existed within URL processing. This issue was addressed through improved URL validation. CVE-ID CVE-2015-7094 : Tsubasa Iinuma (@llamakko_cafe) of Gehirn Inc. and Muneaki Nishimura (nishimunea)
Compression Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: An uninitialized memory access issue existed in zlib. This issue was addressed through improved memory initialization and additional validation of zlib streams. CVE-ID CVE-2015-7054 : j00ru
Configuration Profiles Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local attacker may be able to install a configuration profile without admin privileges Description: An issue existed when installing configuration profiles. This issue was addressed through improved authorization checks. CVE-ID CVE-2015-7062 : David Mulder of Dell Software
CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-7105 : John Villamil (@day6reak), Yahoo Pentest Team
CoreMedia Playback Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the processing of malformed media files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7074 : Apple CVE-2015-7075
Disk Images Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the parsing of disk images. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7110 : Ian Beer of Google Project Zero
EFI Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A path validation issue existed in the kernel loader. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7063 : Apple
File Bookmark Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A path validation issue existed in app scoped bookmarks. This was addressed through improved environment sanitization. CVE-ID CVE-2015-7071 : Apple
Hypervisor Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A use after free issue existed in the handling of VM objects. This issue was addressed through improved memory management. CVE-ID CVE-2015-7078 : Ian Beer of Google Project Zero
iBooks Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information Description: An XML external entity reference issue existed with iBook parsing. This issue was addressed through improved parsing. CVE-ID CVE-2015-7081 : Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach (@ITSecurityguard)
ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue existed in ImageIO. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7053 : Apple
Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A null pointer dereference issue was addressed through improved input validation. CVE-ID CVE-2015-7076 : Juwei Lin of TrendMicro, beist and ABH of BoB, and JeongHoon Shin@A.D.D
Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the Intel Graphics Driver. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7106 : Ian Beer of Google Project Zero, Juwei Lin of TrendMicro, beist and ABH of BoB, and JeongHoon Shin@A.D.D
Intel Graphics Driver Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with system privileges Description: An out of bounds memory access issue existed in the Intel Graphics Driver. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7077 : Ian Beer of Google Project Zero
IOAcceleratorFamily Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7109 : Juwei Lin of TrendMicro
IOHIDFamily Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple memory corruption issues existed in IOHIDFamily API. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7111 : beist and ABH of BoB CVE-2015-7112 : Ian Beer of Google Project Zero
IOKit SCSI Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference existed in the handling of a certain userclient type. This issue was addressed through improved validation. CVE-ID CVE-2015-7068 : Ian Beer of Google Project Zero
IOThunderboltFamily Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference existed in IOThunderboltFamily's handling of certain userclient types. This issue was addressed through improved validation of IOThunderboltFamily contexts. CVE-ID CVE-2015-7067 : Juwei Lin of TrendMicro
Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local application may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-ID CVE-2015-7040 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7041 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7042 : Lufeng Li of Qihoo 360 Vulcan Team CVE-2015-7043 : Tarjei Mandt (@kernelpool)
Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7083 : Ian Beer of Google Project Zero CVE-2015-7084 : Ian Beer of Google Project Zero
Kernel Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: An issue existed in the parsing of mach messages. This issue was addressed through improved validation of mach messages. CVE-ID CVE-2015-7047 : Ian Beer of Google Project Zero
kext tools Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A validation issue existed during the loading of kernel extensions. This issue was addressed through additional verification. CVE-ID CVE-2015-7052 : Apple
Keychain Access Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may be able to masquerade as the Keychain Server. Description: An issue existed in how Keychain Access interacted with Keychain Agent. This issue was resolved by removing legacy functionality. CVE-ID CVE-2015-7045 : Luyi Xing and XiaoFeng Wang of Indiana University Bloomington, Xiaolong Bai of Indiana University Bloomington and Tsinghua University, Tongxin Li of Peking University, Kai Chen of Indiana University Bloomington and Institute of Information Engineering, Xiaojing Liao of Georgia Institute of Technology, Shi- Min Hu of Tsinghua University, and Xinhui Han of Peking University
libarchive Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of archives. This issue was addressed through improved memory handling. CVE-ID CVE-2011-2895 : @practicalswift
libc Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7038 CVE-2015-7039 : Maksymilian Arciemowicz (CXSECURITY.COM)
libexpat Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Multiple vulnerabilities in expat Description: Multiple vulnerabilities existed in expat version prior to 2.1.0. These were addressed by updating expat to versions 2.1.0. CVE-ID CVE-2012-0876 : Vincent Danen CVE-2012-1147 : Kurt Seifried CVE-2012-1148 : Kurt Seifried
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: A memory corruption issue existed in the parsing of XML files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3807 : Wei Lei and Liu Yang of Nanyang Technological University
OpenGL Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7064 : Apple CVE-2015-7065 : Apple CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks
OpenLDAP Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A remote unauthenticated client may be able to cause a denial of service Description: An input validation issue existed in OpenLDAP. This issue was addressed through improved input validation. CVE-ID CVE-2015-6908
OpenSSH Available for: OS X El Capitan v10.11 and v10.11.1 Impact: Multiple vulnerabilities in LibreSSL Description: Multiple vulnerabilities existed in LibreSSL versions prior to 2.1.8. These were addressed by updating LibreSSL to version 2.1.8. CVE-ID CVE-2015-5333 CVE-2015-5334
QuickLook Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: Opening a maliciously crafted iWork file may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of iWork files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7107
Sandbox Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application with root privileges may be able to bypass kernel address space layout randomization Description: An insufficient privilege separation issue existed in xnu. This issue was addressed by improved authorization checks. CVE-ID CVE-2015-7046 : Apple
Security Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in handling SSL handshakes. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7073 : Benoit Foucher of ZeroC, Inc.
Security Available for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5 Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the ASN.1 decoder. These issues were addressed through improved input validation CVE-ID CVE-2015-7059 : David Keeler of Mozilla CVE-2015-7060 : Tyson Smith of Mozilla CVE-2015-7061 : Ryan Sleevi of Google
Security Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application may gain access to a user's Keychain items Description: An issue existed in the validation of access control lists for keychain items. This issue was addressed through improved access control list checks. CVE-ID CVE-2015-7058
System Integrity Protection Available for: OS X El Capitan v10.11 and v10.11.1 Impact: A malicious application with root privileges may be able to execute arbitrary code with system privileges Description: A privilege issue existed in handling union mounts. This issue was addressed by improved authorization checks. CVE-ID CVE-2015-7044 : MacDefender
Installation note:
Security Update 2015-008 is recommended for all users and improves the security of OS X. After installing this update, the QuickTime 7 web browser plug-in will no longer be enabled by default. Learn what to do if you still need this legacy plug-in. https://support.apple.com/en-us/HT205081
OS X El Capitan v10.11.2 includes the security content of Safari 9.0.2: https://support.apple.com/en-us/HT205639
OS X El Capitan 10.11.2 and Security Update 2015-008 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJWZzzVAAoJEBcWfLTuOo7tQsMQAIBHD6EQQmEBqEqNqszdNS4j PE0wrKpgJUe79i5bUVXF3e8bK41+QGQzouceIaKK/r0aizEmUFbgvKG0BFCYacjn +XiDt0V4Itnf2VVvcjodEjVM8Os1BVl0G4tsrXfqJNJ8UmzqQfSFZZ0l+/yQW0rQ jtGYuBIezeWJ/2aA2l5qC89KgiWjmN9YzwpBUx3+02maWIJaKKIvUZy4b7xbQ4fz 0AKMHHh8u/xoPjAIpgXEpYuXM9XILabXkex3m5fp5roBipyimto/OomSsv/CuM5g OjMLz1ZL/dPf7yGaxSD+cTfdKJStTsm89VRWuE9MfAgWdFqjH8CpM9CT4nxX1Q8s Ima2Vk7R+VbyOJksB2fygBtfqBmIjX+fwm52WxhW0B5HabfKMbPjoBKLGIcPsH36 Num/gxdQ+0eswLLUzzorq3Qm2ptxoY6t/ceRAm0HE497+1+YVAKETwTbQTaBZqlB BhDfxk85wYfi7uuKJUH5NPP6j7sXrkJvMAuPJOXcY0QLhyxb96oD6yWaYGWjOGEY Z9zphs8o57l6YW1DWjvVNbZOon05bjIrepzkq6F9Q3TzCGTRgYL5BEAlgaREIZVx rfmFZHP3xM60SIHRKPiiADXo4dg6TvDJ6h8n+L/6OTdylxUf6bxQdoO5cmBhny1T gvIdn3N1k8hWpmYDjxZd =Yi/n -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openldap security update Advisory ID: RHSA-2015:1840-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1840.html Issue date: 2015-09-29 CVE Names: CVE-2015-6908 =====================================================================
- Summary:
Updated openldap packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7.
Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenLDAP is an open source suite of Lightweight Directory Access Protocol (LDAP) applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and documentation for OpenLDAP.
A flaw was found in the way the OpenLDAP server daemon (slapd) parsed certain Basic Encoding Rules (BER) data. A remote attacker could use this flaw to crash slapd via a specially crafted packet. (CVE-2015-6908)
All openldap users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source: openldap-2.3.43-29.el5_11.src.rpm
i386: compat-openldap-2.3.43_2.2.29-29.el5_11.i386.rpm openldap-2.3.43-29.el5_11.i386.rpm openldap-clients-2.3.43-29.el5_11.i386.rpm openldap-debuginfo-2.3.43-29.el5_11.i386.rpm
x86_64: compat-openldap-2.3.43_2.2.29-29.el5_11.i386.rpm compat-openldap-2.3.43_2.2.29-29.el5_11.x86_64.rpm openldap-2.3.43-29.el5_11.i386.rpm openldap-2.3.43-29.el5_11.x86_64.rpm openldap-clients-2.3.43-29.el5_11.x86_64.rpm openldap-debuginfo-2.3.43-29.el5_11.i386.rpm openldap-debuginfo-2.3.43-29.el5_11.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
Source: openldap-2.3.43-29.el5_11.src.rpm
i386: openldap-debuginfo-2.3.43-29.el5_11.i386.rpm openldap-devel-2.3.43-29.el5_11.i386.rpm openldap-servers-2.3.43-29.el5_11.i386.rpm openldap-servers-overlays-2.3.43-29.el5_11.i386.rpm openldap-servers-sql-2.3.43-29.el5_11.i386.rpm
x86_64: openldap-debuginfo-2.3.43-29.el5_11.i386.rpm openldap-debuginfo-2.3.43-29.el5_11.x86_64.rpm openldap-devel-2.3.43-29.el5_11.i386.rpm openldap-devel-2.3.43-29.el5_11.x86_64.rpm openldap-servers-2.3.43-29.el5_11.x86_64.rpm openldap-servers-overlays-2.3.43-29.el5_11.x86_64.rpm openldap-servers-sql-2.3.43-29.el5_11.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: openldap-2.3.43-29.el5_11.src.rpm
i386: compat-openldap-2.3.43_2.2.29-29.el5_11.i386.rpm openldap-2.3.43-29.el5_11.i386.rpm openldap-clients-2.3.43-29.el5_11.i386.rpm openldap-debuginfo-2.3.43-29.el5_11.i386.rpm openldap-devel-2.3.43-29.el5_11.i386.rpm openldap-servers-2.3.43-29.el5_11.i386.rpm openldap-servers-overlays-2.3.43-29.el5_11.i386.rpm openldap-servers-sql-2.3.43-29.el5_11.i386.rpm
ia64: compat-openldap-2.3.43_2.2.29-29.el5_11.i386.rpm compat-openldap-2.3.43_2.2.29-29.el5_11.ia64.rpm openldap-2.3.43-29.el5_11.i386.rpm openldap-2.3.43-29.el5_11.ia64.rpm openldap-clients-2.3.43-29.el5_11.ia64.rpm openldap-debuginfo-2.3.43-29.el5_11.i386.rpm openldap-debuginfo-2.3.43-29.el5_11.ia64.rpm openldap-devel-2.3.43-29.el5_11.ia64.rpm openldap-servers-2.3.43-29.el5_11.ia64.rpm openldap-servers-overlays-2.3.43-29.el5_11.ia64.rpm openldap-servers-sql-2.3.43-29.el5_11.ia64.rpm
ppc: compat-openldap-2.3.43_2.2.29-29.el5_11.ppc.rpm compat-openldap-2.3.43_2.2.29-29.el5_11.ppc64.rpm openldap-2.3.43-29.el5_11.ppc.rpm openldap-2.3.43-29.el5_11.ppc64.rpm openldap-clients-2.3.43-29.el5_11.ppc.rpm openldap-debuginfo-2.3.43-29.el5_11.ppc.rpm openldap-debuginfo-2.3.43-29.el5_11.ppc64.rpm openldap-devel-2.3.43-29.el5_11.ppc.rpm openldap-devel-2.3.43-29.el5_11.ppc64.rpm openldap-servers-2.3.43-29.el5_11.ppc.rpm openldap-servers-overlays-2.3.43-29.el5_11.ppc.rpm openldap-servers-sql-2.3.43-29.el5_11.ppc.rpm
s390x: compat-openldap-2.3.43_2.2.29-29.el5_11.s390.rpm compat-openldap-2.3.43_2.2.29-29.el5_11.s390x.rpm openldap-2.3.43-29.el5_11.s390.rpm openldap-2.3.43-29.el5_11.s390x.rpm openldap-clients-2.3.43-29.el5_11.s390x.rpm openldap-debuginfo-2.3.43-29.el5_11.s390.rpm openldap-debuginfo-2.3.43-29.el5_11.s390x.rpm openldap-devel-2.3.43-29.el5_11.s390.rpm openldap-devel-2.3.43-29.el5_11.s390x.rpm openldap-servers-2.3.43-29.el5_11.s390x.rpm openldap-servers-overlays-2.3.43-29.el5_11.s390x.rpm openldap-servers-sql-2.3.43-29.el5_11.s390x.rpm
x86_64: compat-openldap-2.3.43_2.2.29-29.el5_11.i386.rpm compat-openldap-2.3.43_2.2.29-29.el5_11.x86_64.rpm openldap-2.3.43-29.el5_11.i386.rpm openldap-2.3.43-29.el5_11.x86_64.rpm openldap-clients-2.3.43-29.el5_11.x86_64.rpm openldap-debuginfo-2.3.43-29.el5_11.i386.rpm openldap-debuginfo-2.3.43-29.el5_11.x86_64.rpm openldap-devel-2.3.43-29.el5_11.i386.rpm openldap-devel-2.3.43-29.el5_11.x86_64.rpm openldap-servers-2.3.43-29.el5_11.x86_64.rpm openldap-servers-overlays-2.3.43-29.el5_11.x86_64.rpm openldap-servers-sql-2.3.43-29.el5_11.x86_64.rpm
Red Hat Enterprise Linux Desktop (v. 6):
Source: openldap-2.4.40-6.el6_7.src.rpm
i386: openldap-2.4.40-6.el6_7.i686.rpm openldap-clients-2.4.40-6.el6_7.i686.rpm openldap-debuginfo-2.4.40-6.el6_7.i686.rpm
x86_64: openldap-2.4.40-6.el6_7.i686.rpm openldap-2.4.40-6.el6_7.x86_64.rpm openldap-clients-2.4.40-6.el6_7.x86_64.rpm openldap-debuginfo-2.4.40-6.el6_7.i686.rpm openldap-debuginfo-2.4.40-6.el6_7.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: openldap-debuginfo-2.4.40-6.el6_7.i686.rpm openldap-devel-2.4.40-6.el6_7.i686.rpm openldap-servers-2.4.40-6.el6_7.i686.rpm openldap-servers-sql-2.4.40-6.el6_7.i686.rpm
x86_64: openldap-debuginfo-2.4.40-6.el6_7.i686.rpm openldap-debuginfo-2.4.40-6.el6_7.x86_64.rpm openldap-devel-2.4.40-6.el6_7.i686.rpm openldap-devel-2.4.40-6.el6_7.x86_64.rpm openldap-servers-2.4.40-6.el6_7.x86_64.rpm openldap-servers-sql-2.4.40-6.el6_7.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openldap-2.4.40-6.el6_7.src.rpm
x86_64: openldap-2.4.40-6.el6_7.i686.rpm openldap-2.4.40-6.el6_7.x86_64.rpm openldap-clients-2.4.40-6.el6_7.x86_64.rpm openldap-debuginfo-2.4.40-6.el6_7.i686.rpm openldap-debuginfo-2.4.40-6.el6_7.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: openldap-debuginfo-2.4.40-6.el6_7.i686.rpm openldap-debuginfo-2.4.40-6.el6_7.x86_64.rpm openldap-devel-2.4.40-6.el6_7.i686.rpm openldap-devel-2.4.40-6.el6_7.x86_64.rpm openldap-servers-2.4.40-6.el6_7.x86_64.rpm openldap-servers-sql-2.4.40-6.el6_7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openldap-2.4.40-6.el6_7.src.rpm
i386: openldap-2.4.40-6.el6_7.i686.rpm openldap-clients-2.4.40-6.el6_7.i686.rpm openldap-debuginfo-2.4.40-6.el6_7.i686.rpm openldap-devel-2.4.40-6.el6_7.i686.rpm openldap-servers-2.4.40-6.el6_7.i686.rpm
ppc64: openldap-2.4.40-6.el6_7.ppc.rpm openldap-2.4.40-6.el6_7.ppc64.rpm openldap-clients-2.4.40-6.el6_7.ppc64.rpm openldap-debuginfo-2.4.40-6.el6_7.ppc.rpm openldap-debuginfo-2.4.40-6.el6_7.ppc64.rpm openldap-devel-2.4.40-6.el6_7.ppc.rpm openldap-devel-2.4.40-6.el6_7.ppc64.rpm openldap-servers-2.4.40-6.el6_7.ppc64.rpm
s390x: openldap-2.4.40-6.el6_7.s390.rpm openldap-2.4.40-6.el6_7.s390x.rpm openldap-clients-2.4.40-6.el6_7.s390x.rpm openldap-debuginfo-2.4.40-6.el6_7.s390.rpm openldap-debuginfo-2.4.40-6.el6_7.s390x.rpm openldap-devel-2.4.40-6.el6_7.s390.rpm openldap-devel-2.4.40-6.el6_7.s390x.rpm openldap-servers-2.4.40-6.el6_7.s390x.rpm
x86_64: openldap-2.4.40-6.el6_7.i686.rpm openldap-2.4.40-6.el6_7.x86_64.rpm openldap-clients-2.4.40-6.el6_7.x86_64.rpm openldap-debuginfo-2.4.40-6.el6_7.i686.rpm openldap-debuginfo-2.4.40-6.el6_7.x86_64.rpm openldap-devel-2.4.40-6.el6_7.i686.rpm openldap-devel-2.4.40-6.el6_7.x86_64.rpm openldap-servers-2.4.40-6.el6_7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: openldap-debuginfo-2.4.40-6.el6_7.i686.rpm openldap-servers-sql-2.4.40-6.el6_7.i686.rpm
ppc64: openldap-debuginfo-2.4.40-6.el6_7.ppc64.rpm openldap-servers-sql-2.4.40-6.el6_7.ppc64.rpm
s390x: openldap-debuginfo-2.4.40-6.el6_7.s390x.rpm openldap-servers-sql-2.4.40-6.el6_7.s390x.rpm
x86_64: openldap-debuginfo-2.4.40-6.el6_7.x86_64.rpm openldap-servers-sql-2.4.40-6.el6_7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openldap-2.4.40-6.el6_7.src.rpm
i386: openldap-2.4.40-6.el6_7.i686.rpm openldap-clients-2.4.40-6.el6_7.i686.rpm openldap-debuginfo-2.4.40-6.el6_7.i686.rpm openldap-devel-2.4.40-6.el6_7.i686.rpm openldap-servers-2.4.40-6.el6_7.i686.rpm
x86_64: openldap-2.4.40-6.el6_7.i686.rpm openldap-2.4.40-6.el6_7.x86_64.rpm openldap-clients-2.4.40-6.el6_7.x86_64.rpm openldap-debuginfo-2.4.40-6.el6_7.i686.rpm openldap-debuginfo-2.4.40-6.el6_7.x86_64.rpm openldap-devel-2.4.40-6.el6_7.i686.rpm openldap-devel-2.4.40-6.el6_7.x86_64.rpm openldap-servers-2.4.40-6.el6_7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: openldap-debuginfo-2.4.40-6.el6_7.i686.rpm openldap-servers-sql-2.4.40-6.el6_7.i686.rpm
x86_64: openldap-debuginfo-2.4.40-6.el6_7.x86_64.rpm openldap-servers-sql-2.4.40-6.el6_7.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: openldap-2.4.39-7.el7_1.src.rpm
x86_64: openldap-2.4.39-7.el7_1.i686.rpm openldap-2.4.39-7.el7_1.x86_64.rpm openldap-clients-2.4.39-7.el7_1.x86_64.rpm openldap-debuginfo-2.4.39-7.el7_1.i686.rpm openldap-debuginfo-2.4.39-7.el7_1.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openldap-debuginfo-2.4.39-7.el7_1.i686.rpm openldap-debuginfo-2.4.39-7.el7_1.x86_64.rpm openldap-devel-2.4.39-7.el7_1.i686.rpm openldap-devel-2.4.39-7.el7_1.x86_64.rpm openldap-servers-2.4.39-7.el7_1.x86_64.rpm openldap-servers-sql-2.4.39-7.el7_1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openldap-2.4.39-7.el7_1.src.rpm
x86_64: openldap-2.4.39-7.el7_1.i686.rpm openldap-2.4.39-7.el7_1.x86_64.rpm openldap-clients-2.4.39-7.el7_1.x86_64.rpm openldap-debuginfo-2.4.39-7.el7_1.i686.rpm openldap-debuginfo-2.4.39-7.el7_1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openldap-debuginfo-2.4.39-7.el7_1.i686.rpm openldap-debuginfo-2.4.39-7.el7_1.x86_64.rpm openldap-devel-2.4.39-7.el7_1.i686.rpm openldap-devel-2.4.39-7.el7_1.x86_64.rpm openldap-servers-2.4.39-7.el7_1.x86_64.rpm openldap-servers-sql-2.4.39-7.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openldap-2.4.39-7.el7_1.src.rpm
ppc64: openldap-2.4.39-7.el7_1.ppc.rpm openldap-2.4.39-7.el7_1.ppc64.rpm openldap-clients-2.4.39-7.el7_1.ppc64.rpm openldap-debuginfo-2.4.39-7.el7_1.ppc.rpm openldap-debuginfo-2.4.39-7.el7_1.ppc64.rpm openldap-devel-2.4.39-7.el7_1.ppc.rpm openldap-devel-2.4.39-7.el7_1.ppc64.rpm openldap-servers-2.4.39-7.el7_1.ppc64.rpm
s390x: openldap-2.4.39-7.el7_1.s390.rpm openldap-2.4.39-7.el7_1.s390x.rpm openldap-clients-2.4.39-7.el7_1.s390x.rpm openldap-debuginfo-2.4.39-7.el7_1.s390.rpm openldap-debuginfo-2.4.39-7.el7_1.s390x.rpm openldap-devel-2.4.39-7.el7_1.s390.rpm openldap-devel-2.4.39-7.el7_1.s390x.rpm openldap-servers-2.4.39-7.el7_1.s390x.rpm
x86_64: openldap-2.4.39-7.el7_1.i686.rpm openldap-2.4.39-7.el7_1.x86_64.rpm openldap-clients-2.4.39-7.el7_1.x86_64.rpm openldap-debuginfo-2.4.39-7.el7_1.i686.rpm openldap-debuginfo-2.4.39-7.el7_1.x86_64.rpm openldap-devel-2.4.39-7.el7_1.i686.rpm openldap-devel-2.4.39-7.el7_1.x86_64.rpm openldap-servers-2.4.39-7.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openldap-2.4.39-7.ael7b_1.src.rpm
ppc64le: openldap-2.4.39-7.ael7b_1.ppc64le.rpm openldap-clients-2.4.39-7.ael7b_1.ppc64le.rpm openldap-debuginfo-2.4.39-7.ael7b_1.ppc64le.rpm openldap-devel-2.4.39-7.ael7b_1.ppc64le.rpm openldap-servers-2.4.39-7.ael7b_1.ppc64le.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openldap-debuginfo-2.4.39-7.el7_1.ppc64.rpm openldap-servers-sql-2.4.39-7.el7_1.ppc64.rpm
s390x: openldap-debuginfo-2.4.39-7.el7_1.s390x.rpm openldap-servers-sql-2.4.39-7.el7_1.s390x.rpm
x86_64: openldap-debuginfo-2.4.39-7.el7_1.x86_64.rpm openldap-servers-sql-2.4.39-7.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64le: openldap-debuginfo-2.4.39-7.ael7b_1.ppc64le.rpm openldap-servers-sql-2.4.39-7.ael7b_1.ppc64le.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openldap-2.4.39-7.el7_1.src.rpm
x86_64: openldap-2.4.39-7.el7_1.i686.rpm openldap-2.4.39-7.el7_1.x86_64.rpm openldap-clients-2.4.39-7.el7_1.x86_64.rpm openldap-debuginfo-2.4.39-7.el7_1.i686.rpm openldap-debuginfo-2.4.39-7.el7_1.x86_64.rpm openldap-devel-2.4.39-7.el7_1.i686.rpm openldap-devel-2.4.39-7.el7_1.x86_64.rpm openldap-servers-2.4.39-7.el7_1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openldap-debuginfo-2.4.39-7.el7_1.x86_64.rpm openldap-servers-sql-2.4.39-7.el7_1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-6908 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWCmcKXlSAg2UNWIIRAgn9AKC6H/fZbUDj3e0AyA/xkOrOx+U+/QCeIpMZ iKKXpo+XKDlK4zZLlWedI64= =yvhg -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
For the oldstable distribution (wheezy), this problem has been fixed in version 2.4.31-2+deb7u1.
For the stable distribution (jessie), this problem has been fixed in version 2.4.40+dfsg-1+deb8u1.
For the unstable distribution (sid), this problem has been fixed in version 2.4.42+dfsg-2. ============================================================================ Ubuntu Security Notice USN-2742-1 September 16, 2015
openldap vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in OpenLDAP. (CVE-2015-6908)
Dietrich Clauss discovered that the OpenLDAP package incorrectly shipped with a potentially unsafe default access control configuration. Depending on how the database is configure, this may allow users to impersonate others by modifying attributes such as their Unix user and group numbers. (CVE-2014-9713)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.04: slapd 2.4.31-1+nmu2ubuntu12.3
Ubuntu 14.04 LTS: slapd 2.4.31-1+nmu2ubuntu8.2
Ubuntu 12.04 LTS: slapd 2.4.28-1.1ubuntu4.6
In general, a standard system update will make all the necessary changes.
For existing installations, access rules that begin with "to *" need to be manually adjusted to remove any instances of "by self write"
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201509-0200",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openldap",
"scope": "lte",
"trust": 1.8,
"vendor": "openldap",
"version": "2.4.42"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.4,
"vendor": "apple",
"version": "10.11.1"
},
{
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.11.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.11"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1.0"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.3.39"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.3.41"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.3"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.9"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.3.25"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.21"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.16"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.09"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.211"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.25"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.22"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.1"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.3.43"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.38"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.08"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.1.4"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.25"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.11"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.214"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.1"
},
{
"model": "smartcloud entry fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.19"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.6"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.2"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.0.2"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.28"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.3"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.08"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.2"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.2.11"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.30"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.24"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.3"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.1"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.0"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.0"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "smartcloud entry appliance fixpac",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.1.3"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.16"
},
{
"model": "smartcloud entry jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.34"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.213"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.1.13"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.219"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "15.04"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.113"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.4"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.0.1"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.15"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.32"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.13"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.22"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.8"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.22"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.2.10"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.36"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.010"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.2.7"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.11"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.22"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.2"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.110"
},
{
"model": "smartcloud entry appliance fixpack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.221"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.3.40"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.33"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.26"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.12"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.2"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.10"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.5"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.14"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.35"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.36"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.1.2"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.3"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.18"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1.0"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.1.25"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.1.15"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.21"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.23"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.1.12"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.42"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.39"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.14"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.2.8"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.24"
},
{
"model": "smartcloud entry appliance fixpack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.222"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.27"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.17"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.1.22"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.1.11"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.1.10"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.2.3"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.7"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.2.26"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.1.18"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.32"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.23"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.2.5"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.44"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.12"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.1"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.3"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.0"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.37"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.1.14"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.2"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.31"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.19"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.7"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.20"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.46"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.34"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.1.4"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.0.3"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.41"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.3.27"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.26"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.13"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.1.30"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.0"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.9"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.2.15"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.3.6"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.1.17"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.19"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.2.9"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.27"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.4"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.17"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.1"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.6"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "flex system chassis management module 2pet",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.4"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.21"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.09"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.12"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.0"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.18"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.29"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.10"
},
{
"model": "smartcloud entry jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.35"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.20"
},
{
"model": "smartcloud entry fixpack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.33"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.2.12"
},
{
"model": "mac os security update",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x2015"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.3"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.2.13"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.2.4"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.1.1"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.31"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.218"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.2.29"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.42"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.34"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.40"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.2.6"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.1.19"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.1.16"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.21"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.4"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.15"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.1"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "1.2.2"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.3"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.4.3"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.01"
},
{
"model": "openldap",
"scope": "eq",
"trust": 0.3,
"vendor": "openldap",
"version": "2.0.8"
}
],
"sources": [
{
"db": "BID",
"id": "76714"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004685"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-148"
},
{
"db": "NVD",
"id": "CVE-2015-6908"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:openldap:openldap",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004685"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Denis Andzakovic",
"sources": [
{
"db": "BID",
"id": "76714"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6908",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6908",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-84869",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6908",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6908",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201509-148",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84869",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-6908",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84869"
},
{
"db": "VULMON",
"id": "CVE-2015-6908"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004685"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-148"
},
{
"db": "NVD",
"id": "CVE-2015-6908"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd. OpenLDAP is prone to a denial-of-service vulnerability. \nAttackers can exploit this issue to crash the affected application denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008\n\nOS X El Capitan 10.11.2 and Security Update 2015-008 is now available\nand addresses the following:\n\napache_mod_php\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: Multiple vulnerabilities in PHP\nDescription: Multiple vulnerabilities existed in PHP versions prior\nto 5.5.29, the most serious of which may have led to remote code\nexecution. These were addressed by updating PHP to version 5.5.30. \nCVE-ID\nCVE-2015-7803\nCVE-2015-7804\n\nAppSandbox\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A malicious application may maintain access to Contacts\nafter having access revoked\nDescription: An issue existed in the sandbox\u0027s handling of hard\nlinks. This issue was addressed through improved hardening of the app\nsandbox. \nCVE-ID\nCVE-2015-7001 : Razvan Deaconescu and Mihai Bucicoiu of University\nPOLITEHNICA of Bucharest; Luke Deshotels and William Enck of North\nCarolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi\nof TU Darmstadt\n\nBluetooth\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue existed in the Bluetooth HCI\ninterface. This issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-7108 : Ian Beer of Google Project Zero\n\nCFNetwork HTTPProtocol\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: An attacker with a privileged network position may be able\nto bypass HSTS\nDescription: An input validation issue existed within URL\nprocessing. This issue was addressed through improved URL validation. \nCVE-ID\nCVE-2015-7094 : Tsubasa Iinuma (@llamakko_cafe) of Gehirn Inc. and\nMuneaki Nishimura (nishimunea)\n\nCompression\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: An uninitialized memory access issue existed in zlib. \nThis issue was addressed through improved memory initialization and\nadditional validation of zlib streams. \nCVE-ID\nCVE-2015-7054 : j00ru\n\nConfiguration Profiles\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A local attacker may be able to install a configuration\nprofile without admin privileges\nDescription: An issue existed when installing configuration\nprofiles. This issue was addressed through improved authorization\nchecks. \nCVE-ID\nCVE-2015-7062 : David Mulder of Dell Software\n\nCoreGraphics\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nOS X El Capitan v10.11 and v10.11.1\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-7105 : John Villamil (@day6reak), Yahoo Pentest Team\n\nCoreMedia Playback\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nOS X El Capitan v10.11 and v10.11.1\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: Multiple memory corruption issues existed in the\nprocessing of malformed media files. These issues were addressed\nthrough improved memory handling. \nCVE-ID\nCVE-2015-7074 : Apple\nCVE-2015-7075\n\nDisk Images\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue existed in the parsing of\ndisk images. This issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-7110 : Ian Beer of Google Project Zero\n\nEFI\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A path validation issue existed in the kernel loader. \nThis was addressed through improved environment sanitization. \nCVE-ID\nCVE-2015-7063 : Apple\n\nFile Bookmark\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A sandboxed process may be able to circumvent sandbox\nrestrictions\nDescription: A path validation issue existed in app scoped\nbookmarks. This was addressed through improved environment\nsanitization. \nCVE-ID\nCVE-2015-7071 : Apple\n\nHypervisor\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A use after free issue existed in the handling of VM\nobjects. This issue was addressed through improved memory management. \nCVE-ID\nCVE-2015-7078 : Ian Beer of Google Project Zero\n\niBooks\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: Parsing a maliciously crafted iBooks file may lead to\ndisclosure of user information\nDescription: An XML external entity reference issue existed with\niBook parsing. This issue was addressed through improved parsing. \nCVE-ID\nCVE-2015-7081 : Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach\n(@ITSecurityguard)\n\nImageIO\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nOS X El Capitan v10.11 and v10.11.1\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: A memory corruption issue existed in ImageIO. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-7053 : Apple\n\nIntel Graphics Driver\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A null pointer dereference issue was addressed through\nimproved input validation. \nCVE-ID\nCVE-2015-7076 : Juwei Lin of TrendMicro, beist and ABH of BoB, and\nJeongHoon Shin@A.D.D\n\nIntel Graphics Driver\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue existed in the Intel Graphics\nDriver. This issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-7106 : Ian Beer of Google Project Zero, Juwei Lin of\nTrendMicro, beist and ABH of BoB, and JeongHoon Shin@A.D.D\n\nIntel Graphics Driver\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: An out of bounds memory access issue existed in the\nIntel Graphics Driver. This issue was addressed through improved\nmemory handling. \nCVE-ID\nCVE-2015-7077 : Ian Beer of Google Project Zero\n\nIOAcceleratorFamily\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A memory corruption issue existed in\nIOAcceleratorFamily. This issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-7109 : Juwei Lin of TrendMicro\n\nIOHIDFamily\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: Multiple memory corruption issues existed in\nIOHIDFamily API. These issues were addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-7111 : beist and ABH of BoB\nCVE-2015-7112 : Ian Beer of Google Project Zero\n\nIOKit SCSI\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A malicious application may be able to execute arbitrary\ncode with kernel privileges\nDescription: A null pointer dereference existed in the handling of a\ncertain userclient type. This issue was addressed through improved\nvalidation. \nCVE-ID\nCVE-2015-7068 : Ian Beer of Google Project Zero\n\nIOThunderboltFamily\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference existed in\nIOThunderboltFamily\u0027s handling of certain userclient types. This\nissue was addressed through improved validation of\nIOThunderboltFamily contexts. \nCVE-ID\nCVE-2015-7067 : Juwei Lin of TrendMicro\n\nKernel\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A local application may be able to cause a denial of service\nDescription: Multiple denial of service issues were addressed\nthrough improved memory handling. \nCVE-ID\nCVE-2015-7040 : Lufeng Li of Qihoo 360 Vulcan Team\nCVE-2015-7041 : Lufeng Li of Qihoo 360 Vulcan Team\nCVE-2015-7042 : Lufeng Li of Qihoo 360 Vulcan Team\nCVE-2015-7043 : Tarjei Mandt (@kernelpool)\n\nKernel\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: Multiple memory corruption issues existed in the\nkernel. These issues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-7083 : Ian Beer of Google Project Zero\nCVE-2015-7084 : Ian Beer of Google Project Zero\n\nKernel\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: An issue existed in the parsing of mach messages. This\nissue was addressed through improved validation of mach messages. \nCVE-ID\nCVE-2015-7047 : Ian Beer of Google Project Zero\n\nkext tools\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A validation issue existed during the loading of kernel\nextensions. This issue was addressed through additional verification. \nCVE-ID\nCVE-2015-7052 : Apple\n\nKeychain Access\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A malicious application may be able to masquerade as the\nKeychain Server. \nDescription: An issue existed in how Keychain Access interacted with\nKeychain Agent. This issue was resolved by removing legacy\nfunctionality. \nCVE-ID\nCVE-2015-7045 : Luyi Xing and XiaoFeng Wang of Indiana University\nBloomington, Xiaolong Bai of Indiana University Bloomington and\nTsinghua University, Tongxin Li of Peking University, Kai Chen of\nIndiana University Bloomington and Institute of Information\nEngineering, Xiaojing Liao of Georgia Institute of Technology, Shi-\nMin Hu of Tsinghua University, and Xinhui Han of Peking University\n\nlibarchive\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nOS X El Capitan v10.11 and v10.11.1\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: A memory corruption issue existed in the processing of\narchives. This issue was addressed through improved memory handling. \nCVE-ID\nCVE-2011-2895 : @practicalswift\n\nlibc\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: Processing a maliciously crafted package may lead to\narbitrary code execution\nDescription: Multiple buffer overflows existed in the C standard\nlibrary. These issues were addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2015-7038\nCVE-2015-7039 : Maksymilian Arciemowicz (CXSECURITY.COM)\n\nlibexpat\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: Multiple vulnerabilities in expat\nDescription: Multiple vulnerabilities existed in expat version prior\nto 2.1.0. These were addressed by updating expat to versions 2.1.0. \nCVE-ID\nCVE-2012-0876 : Vincent Danen\nCVE-2012-1147 : Kurt Seifried\nCVE-2012-1148 : Kurt Seifried\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nOS X El Capitan v10.11 and v10.11.1\nImpact: Parsing a maliciously crafted XML document may lead to\ndisclosure of user information\nDescription: A memory corruption issue existed in the parsing of XML\nfiles. This issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-3807 : Wei Lei and Liu Yang of Nanyang Technological\nUniversity\n\nOpenGL\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nOS X El Capitan v10.11 and v10.11.1\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: Multiple memory corruption issues existed in OpenGL. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-7064 : Apple\nCVE-2015-7065 : Apple\nCVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks\n\nOpenLDAP\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A remote unauthenticated client may be able to cause a\ndenial of service\nDescription: An input validation issue existed in OpenLDAP. This\nissue was addressed through improved input validation. \nCVE-ID\nCVE-2015-6908\n\nOpenSSH\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: Multiple vulnerabilities in LibreSSL\nDescription: Multiple vulnerabilities existed in LibreSSL versions\nprior to 2.1.8. These were addressed by updating LibreSSL to version\n2.1.8. \nCVE-ID\nCVE-2015-5333\nCVE-2015-5334\n\nQuickLook\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nOS X El Capitan v10.11 and v10.11.1\nImpact: Opening a maliciously crafted iWork file may lead to\narbitrary code execution\nDescription: A memory corruption issue existed in the handling of\niWork files. This issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-7107\n\nSandbox\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A malicious application with root privileges may be able to\nbypass kernel address space layout randomization\nDescription: An insufficient privilege separation issue existed in\nxnu. This issue was addressed by improved authorization checks. \nCVE-ID\nCVE-2015-7046 : Apple\n\nSecurity\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A remote attacker may cause an unexpected application\ntermination or arbitrary code execution\nDescription: A memory corruption issue existed in handling SSL\nhandshakes. This issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-7073 : Benoit Foucher of ZeroC, Inc. \n\nSecurity\nAvailable for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5\nImpact: Processing a maliciously crafted certificate may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues existed in the ASN.1\ndecoder. These issues were addressed through improved input\nvalidation\nCVE-ID\nCVE-2015-7059 : David Keeler of Mozilla\nCVE-2015-7060 : Tyson Smith of Mozilla\nCVE-2015-7061 : Ryan Sleevi of Google\n\nSecurity\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nOS X El Capitan v10.11 and v10.11.1\nImpact: A malicious application may gain access to a user\u0027s Keychain\nitems\nDescription: An issue existed in the validation of access control\nlists for keychain items. This issue was addressed through improved\naccess control list checks. \nCVE-ID\nCVE-2015-7058\n\nSystem Integrity Protection\nAvailable for: OS X El Capitan v10.11 and v10.11.1\nImpact: A malicious application with root privileges may be able to\nexecute arbitrary code with system privileges\nDescription: A privilege issue existed in handling union mounts. \nThis issue was addressed by improved authorization checks. \nCVE-ID\nCVE-2015-7044 : MacDefender\n\nInstallation note:\n\nSecurity Update 2015-008 is recommended for all users and improves the\nsecurity of OS X. After installing this update, the QuickTime 7 web \nbrowser plug-in will no longer be enabled by default. Learn what to \ndo if you still need this legacy plug-in. \nhttps://support.apple.com/en-us/HT205081\n\nOS X El Capitan v10.11.2 includes the security content of\nSafari 9.0.2: https://support.apple.com/en-us/HT205639\n\nOS X El Capitan 10.11.2 and Security Update 2015-008 may be obtained\nfrom the Mac App Store or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJWZzzVAAoJEBcWfLTuOo7tQsMQAIBHD6EQQmEBqEqNqszdNS4j\nPE0wrKpgJUe79i5bUVXF3e8bK41+QGQzouceIaKK/r0aizEmUFbgvKG0BFCYacjn\n+XiDt0V4Itnf2VVvcjodEjVM8Os1BVl0G4tsrXfqJNJ8UmzqQfSFZZ0l+/yQW0rQ\njtGYuBIezeWJ/2aA2l5qC89KgiWjmN9YzwpBUx3+02maWIJaKKIvUZy4b7xbQ4fz\n0AKMHHh8u/xoPjAIpgXEpYuXM9XILabXkex3m5fp5roBipyimto/OomSsv/CuM5g\nOjMLz1ZL/dPf7yGaxSD+cTfdKJStTsm89VRWuE9MfAgWdFqjH8CpM9CT4nxX1Q8s\nIma2Vk7R+VbyOJksB2fygBtfqBmIjX+fwm52WxhW0B5HabfKMbPjoBKLGIcPsH36\nNum/gxdQ+0eswLLUzzorq3Qm2ptxoY6t/ceRAm0HE497+1+YVAKETwTbQTaBZqlB\nBhDfxk85wYfi7uuKJUH5NPP6j7sXrkJvMAuPJOXcY0QLhyxb96oD6yWaYGWjOGEY\nZ9zphs8o57l6YW1DWjvVNbZOon05bjIrepzkq6F9Q3TzCGTRgYL5BEAlgaREIZVx\nrfmFZHP3xM60SIHRKPiiADXo4dg6TvDJ6h8n+L/6OTdylxUf6bxQdoO5cmBhny1T\ngvIdn3N1k8hWpmYDjxZd\n=Yi/n\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openldap security update\nAdvisory ID: RHSA-2015:1840-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1840.html\nIssue date: 2015-09-29\nCVE Names: CVE-2015-6908 \n=====================================================================\n\n1. Summary:\n\nUpdated openldap packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5, 6, and 7. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section. \n\n2. Relevant releases/architectures:\n\nRHEL Desktop Workstation (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenLDAP is an open source suite of Lightweight Directory Access Protocol\n(LDAP) applications and development tools. LDAP is a set of protocols used\nto access and maintain distributed directory information services over an\nIP network. The openldap package contains configuration files, libraries,\nand documentation for OpenLDAP. \n\nA flaw was found in the way the OpenLDAP server daemon (slapd) parsed\ncertain Basic Encoding Rules (BER) data. A remote attacker could use this\nflaw to crash slapd via a specially crafted packet. (CVE-2015-6908)\n\nAll openldap users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 5 client):\n\nSource:\nopenldap-2.3.43-29.el5_11.src.rpm\n\ni386:\ncompat-openldap-2.3.43_2.2.29-29.el5_11.i386.rpm\nopenldap-2.3.43-29.el5_11.i386.rpm\nopenldap-clients-2.3.43-29.el5_11.i386.rpm\nopenldap-debuginfo-2.3.43-29.el5_11.i386.rpm\n\nx86_64:\ncompat-openldap-2.3.43_2.2.29-29.el5_11.i386.rpm\ncompat-openldap-2.3.43_2.2.29-29.el5_11.x86_64.rpm\nopenldap-2.3.43-29.el5_11.i386.rpm\nopenldap-2.3.43-29.el5_11.x86_64.rpm\nopenldap-clients-2.3.43-29.el5_11.x86_64.rpm\nopenldap-debuginfo-2.3.43-29.el5_11.i386.rpm\nopenldap-debuginfo-2.3.43-29.el5_11.x86_64.rpm\n\nRHEL Desktop Workstation (v. 5 client):\n\nSource:\nopenldap-2.3.43-29.el5_11.src.rpm\n\ni386:\nopenldap-debuginfo-2.3.43-29.el5_11.i386.rpm\nopenldap-devel-2.3.43-29.el5_11.i386.rpm\nopenldap-servers-2.3.43-29.el5_11.i386.rpm\nopenldap-servers-overlays-2.3.43-29.el5_11.i386.rpm\nopenldap-servers-sql-2.3.43-29.el5_11.i386.rpm\n\nx86_64:\nopenldap-debuginfo-2.3.43-29.el5_11.i386.rpm\nopenldap-debuginfo-2.3.43-29.el5_11.x86_64.rpm\nopenldap-devel-2.3.43-29.el5_11.i386.rpm\nopenldap-devel-2.3.43-29.el5_11.x86_64.rpm\nopenldap-servers-2.3.43-29.el5_11.x86_64.rpm\nopenldap-servers-overlays-2.3.43-29.el5_11.x86_64.rpm\nopenldap-servers-sql-2.3.43-29.el5_11.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nopenldap-2.3.43-29.el5_11.src.rpm\n\ni386:\ncompat-openldap-2.3.43_2.2.29-29.el5_11.i386.rpm\nopenldap-2.3.43-29.el5_11.i386.rpm\nopenldap-clients-2.3.43-29.el5_11.i386.rpm\nopenldap-debuginfo-2.3.43-29.el5_11.i386.rpm\nopenldap-devel-2.3.43-29.el5_11.i386.rpm\nopenldap-servers-2.3.43-29.el5_11.i386.rpm\nopenldap-servers-overlays-2.3.43-29.el5_11.i386.rpm\nopenldap-servers-sql-2.3.43-29.el5_11.i386.rpm\n\nia64:\ncompat-openldap-2.3.43_2.2.29-29.el5_11.i386.rpm\ncompat-openldap-2.3.43_2.2.29-29.el5_11.ia64.rpm\nopenldap-2.3.43-29.el5_11.i386.rpm\nopenldap-2.3.43-29.el5_11.ia64.rpm\nopenldap-clients-2.3.43-29.el5_11.ia64.rpm\nopenldap-debuginfo-2.3.43-29.el5_11.i386.rpm\nopenldap-debuginfo-2.3.43-29.el5_11.ia64.rpm\nopenldap-devel-2.3.43-29.el5_11.ia64.rpm\nopenldap-servers-2.3.43-29.el5_11.ia64.rpm\nopenldap-servers-overlays-2.3.43-29.el5_11.ia64.rpm\nopenldap-servers-sql-2.3.43-29.el5_11.ia64.rpm\n\nppc:\ncompat-openldap-2.3.43_2.2.29-29.el5_11.ppc.rpm\ncompat-openldap-2.3.43_2.2.29-29.el5_11.ppc64.rpm\nopenldap-2.3.43-29.el5_11.ppc.rpm\nopenldap-2.3.43-29.el5_11.ppc64.rpm\nopenldap-clients-2.3.43-29.el5_11.ppc.rpm\nopenldap-debuginfo-2.3.43-29.el5_11.ppc.rpm\nopenldap-debuginfo-2.3.43-29.el5_11.ppc64.rpm\nopenldap-devel-2.3.43-29.el5_11.ppc.rpm\nopenldap-devel-2.3.43-29.el5_11.ppc64.rpm\nopenldap-servers-2.3.43-29.el5_11.ppc.rpm\nopenldap-servers-overlays-2.3.43-29.el5_11.ppc.rpm\nopenldap-servers-sql-2.3.43-29.el5_11.ppc.rpm\n\ns390x:\ncompat-openldap-2.3.43_2.2.29-29.el5_11.s390.rpm\ncompat-openldap-2.3.43_2.2.29-29.el5_11.s390x.rpm\nopenldap-2.3.43-29.el5_11.s390.rpm\nopenldap-2.3.43-29.el5_11.s390x.rpm\nopenldap-clients-2.3.43-29.el5_11.s390x.rpm\nopenldap-debuginfo-2.3.43-29.el5_11.s390.rpm\nopenldap-debuginfo-2.3.43-29.el5_11.s390x.rpm\nopenldap-devel-2.3.43-29.el5_11.s390.rpm\nopenldap-devel-2.3.43-29.el5_11.s390x.rpm\nopenldap-servers-2.3.43-29.el5_11.s390x.rpm\nopenldap-servers-overlays-2.3.43-29.el5_11.s390x.rpm\nopenldap-servers-sql-2.3.43-29.el5_11.s390x.rpm\n\nx86_64:\ncompat-openldap-2.3.43_2.2.29-29.el5_11.i386.rpm\ncompat-openldap-2.3.43_2.2.29-29.el5_11.x86_64.rpm\nopenldap-2.3.43-29.el5_11.i386.rpm\nopenldap-2.3.43-29.el5_11.x86_64.rpm\nopenldap-clients-2.3.43-29.el5_11.x86_64.rpm\nopenldap-debuginfo-2.3.43-29.el5_11.i386.rpm\nopenldap-debuginfo-2.3.43-29.el5_11.x86_64.rpm\nopenldap-devel-2.3.43-29.el5_11.i386.rpm\nopenldap-devel-2.3.43-29.el5_11.x86_64.rpm\nopenldap-servers-2.3.43-29.el5_11.x86_64.rpm\nopenldap-servers-overlays-2.3.43-29.el5_11.x86_64.rpm\nopenldap-servers-sql-2.3.43-29.el5_11.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenldap-2.4.40-6.el6_7.src.rpm\n\ni386:\nopenldap-2.4.40-6.el6_7.i686.rpm\nopenldap-clients-2.4.40-6.el6_7.i686.rpm\nopenldap-debuginfo-2.4.40-6.el6_7.i686.rpm\n\nx86_64:\nopenldap-2.4.40-6.el6_7.i686.rpm\nopenldap-2.4.40-6.el6_7.x86_64.rpm\nopenldap-clients-2.4.40-6.el6_7.x86_64.rpm\nopenldap-debuginfo-2.4.40-6.el6_7.i686.rpm\nopenldap-debuginfo-2.4.40-6.el6_7.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenldap-debuginfo-2.4.40-6.el6_7.i686.rpm\nopenldap-devel-2.4.40-6.el6_7.i686.rpm\nopenldap-servers-2.4.40-6.el6_7.i686.rpm\nopenldap-servers-sql-2.4.40-6.el6_7.i686.rpm\n\nx86_64:\nopenldap-debuginfo-2.4.40-6.el6_7.i686.rpm\nopenldap-debuginfo-2.4.40-6.el6_7.x86_64.rpm\nopenldap-devel-2.4.40-6.el6_7.i686.rpm\nopenldap-devel-2.4.40-6.el6_7.x86_64.rpm\nopenldap-servers-2.4.40-6.el6_7.x86_64.rpm\nopenldap-servers-sql-2.4.40-6.el6_7.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenldap-2.4.40-6.el6_7.src.rpm\n\nx86_64:\nopenldap-2.4.40-6.el6_7.i686.rpm\nopenldap-2.4.40-6.el6_7.x86_64.rpm\nopenldap-clients-2.4.40-6.el6_7.x86_64.rpm\nopenldap-debuginfo-2.4.40-6.el6_7.i686.rpm\nopenldap-debuginfo-2.4.40-6.el6_7.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenldap-debuginfo-2.4.40-6.el6_7.i686.rpm\nopenldap-debuginfo-2.4.40-6.el6_7.x86_64.rpm\nopenldap-devel-2.4.40-6.el6_7.i686.rpm\nopenldap-devel-2.4.40-6.el6_7.x86_64.rpm\nopenldap-servers-2.4.40-6.el6_7.x86_64.rpm\nopenldap-servers-sql-2.4.40-6.el6_7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenldap-2.4.40-6.el6_7.src.rpm\n\ni386:\nopenldap-2.4.40-6.el6_7.i686.rpm\nopenldap-clients-2.4.40-6.el6_7.i686.rpm\nopenldap-debuginfo-2.4.40-6.el6_7.i686.rpm\nopenldap-devel-2.4.40-6.el6_7.i686.rpm\nopenldap-servers-2.4.40-6.el6_7.i686.rpm\n\nppc64:\nopenldap-2.4.40-6.el6_7.ppc.rpm\nopenldap-2.4.40-6.el6_7.ppc64.rpm\nopenldap-clients-2.4.40-6.el6_7.ppc64.rpm\nopenldap-debuginfo-2.4.40-6.el6_7.ppc.rpm\nopenldap-debuginfo-2.4.40-6.el6_7.ppc64.rpm\nopenldap-devel-2.4.40-6.el6_7.ppc.rpm\nopenldap-devel-2.4.40-6.el6_7.ppc64.rpm\nopenldap-servers-2.4.40-6.el6_7.ppc64.rpm\n\ns390x:\nopenldap-2.4.40-6.el6_7.s390.rpm\nopenldap-2.4.40-6.el6_7.s390x.rpm\nopenldap-clients-2.4.40-6.el6_7.s390x.rpm\nopenldap-debuginfo-2.4.40-6.el6_7.s390.rpm\nopenldap-debuginfo-2.4.40-6.el6_7.s390x.rpm\nopenldap-devel-2.4.40-6.el6_7.s390.rpm\nopenldap-devel-2.4.40-6.el6_7.s390x.rpm\nopenldap-servers-2.4.40-6.el6_7.s390x.rpm\n\nx86_64:\nopenldap-2.4.40-6.el6_7.i686.rpm\nopenldap-2.4.40-6.el6_7.x86_64.rpm\nopenldap-clients-2.4.40-6.el6_7.x86_64.rpm\nopenldap-debuginfo-2.4.40-6.el6_7.i686.rpm\nopenldap-debuginfo-2.4.40-6.el6_7.x86_64.rpm\nopenldap-devel-2.4.40-6.el6_7.i686.rpm\nopenldap-devel-2.4.40-6.el6_7.x86_64.rpm\nopenldap-servers-2.4.40-6.el6_7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenldap-debuginfo-2.4.40-6.el6_7.i686.rpm\nopenldap-servers-sql-2.4.40-6.el6_7.i686.rpm\n\nppc64:\nopenldap-debuginfo-2.4.40-6.el6_7.ppc64.rpm\nopenldap-servers-sql-2.4.40-6.el6_7.ppc64.rpm\n\ns390x:\nopenldap-debuginfo-2.4.40-6.el6_7.s390x.rpm\nopenldap-servers-sql-2.4.40-6.el6_7.s390x.rpm\n\nx86_64:\nopenldap-debuginfo-2.4.40-6.el6_7.x86_64.rpm\nopenldap-servers-sql-2.4.40-6.el6_7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenldap-2.4.40-6.el6_7.src.rpm\n\ni386:\nopenldap-2.4.40-6.el6_7.i686.rpm\nopenldap-clients-2.4.40-6.el6_7.i686.rpm\nopenldap-debuginfo-2.4.40-6.el6_7.i686.rpm\nopenldap-devel-2.4.40-6.el6_7.i686.rpm\nopenldap-servers-2.4.40-6.el6_7.i686.rpm\n\nx86_64:\nopenldap-2.4.40-6.el6_7.i686.rpm\nopenldap-2.4.40-6.el6_7.x86_64.rpm\nopenldap-clients-2.4.40-6.el6_7.x86_64.rpm\nopenldap-debuginfo-2.4.40-6.el6_7.i686.rpm\nopenldap-debuginfo-2.4.40-6.el6_7.x86_64.rpm\nopenldap-devel-2.4.40-6.el6_7.i686.rpm\nopenldap-devel-2.4.40-6.el6_7.x86_64.rpm\nopenldap-servers-2.4.40-6.el6_7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenldap-debuginfo-2.4.40-6.el6_7.i686.rpm\nopenldap-servers-sql-2.4.40-6.el6_7.i686.rpm\n\nx86_64:\nopenldap-debuginfo-2.4.40-6.el6_7.x86_64.rpm\nopenldap-servers-sql-2.4.40-6.el6_7.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenldap-2.4.39-7.el7_1.src.rpm\n\nx86_64:\nopenldap-2.4.39-7.el7_1.i686.rpm\nopenldap-2.4.39-7.el7_1.x86_64.rpm\nopenldap-clients-2.4.39-7.el7_1.x86_64.rpm\nopenldap-debuginfo-2.4.39-7.el7_1.i686.rpm\nopenldap-debuginfo-2.4.39-7.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenldap-debuginfo-2.4.39-7.el7_1.i686.rpm\nopenldap-debuginfo-2.4.39-7.el7_1.x86_64.rpm\nopenldap-devel-2.4.39-7.el7_1.i686.rpm\nopenldap-devel-2.4.39-7.el7_1.x86_64.rpm\nopenldap-servers-2.4.39-7.el7_1.x86_64.rpm\nopenldap-servers-sql-2.4.39-7.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenldap-2.4.39-7.el7_1.src.rpm\n\nx86_64:\nopenldap-2.4.39-7.el7_1.i686.rpm\nopenldap-2.4.39-7.el7_1.x86_64.rpm\nopenldap-clients-2.4.39-7.el7_1.x86_64.rpm\nopenldap-debuginfo-2.4.39-7.el7_1.i686.rpm\nopenldap-debuginfo-2.4.39-7.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenldap-debuginfo-2.4.39-7.el7_1.i686.rpm\nopenldap-debuginfo-2.4.39-7.el7_1.x86_64.rpm\nopenldap-devel-2.4.39-7.el7_1.i686.rpm\nopenldap-devel-2.4.39-7.el7_1.x86_64.rpm\nopenldap-servers-2.4.39-7.el7_1.x86_64.rpm\nopenldap-servers-sql-2.4.39-7.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenldap-2.4.39-7.el7_1.src.rpm\n\nppc64:\nopenldap-2.4.39-7.el7_1.ppc.rpm\nopenldap-2.4.39-7.el7_1.ppc64.rpm\nopenldap-clients-2.4.39-7.el7_1.ppc64.rpm\nopenldap-debuginfo-2.4.39-7.el7_1.ppc.rpm\nopenldap-debuginfo-2.4.39-7.el7_1.ppc64.rpm\nopenldap-devel-2.4.39-7.el7_1.ppc.rpm\nopenldap-devel-2.4.39-7.el7_1.ppc64.rpm\nopenldap-servers-2.4.39-7.el7_1.ppc64.rpm\n\ns390x:\nopenldap-2.4.39-7.el7_1.s390.rpm\nopenldap-2.4.39-7.el7_1.s390x.rpm\nopenldap-clients-2.4.39-7.el7_1.s390x.rpm\nopenldap-debuginfo-2.4.39-7.el7_1.s390.rpm\nopenldap-debuginfo-2.4.39-7.el7_1.s390x.rpm\nopenldap-devel-2.4.39-7.el7_1.s390.rpm\nopenldap-devel-2.4.39-7.el7_1.s390x.rpm\nopenldap-servers-2.4.39-7.el7_1.s390x.rpm\n\nx86_64:\nopenldap-2.4.39-7.el7_1.i686.rpm\nopenldap-2.4.39-7.el7_1.x86_64.rpm\nopenldap-clients-2.4.39-7.el7_1.x86_64.rpm\nopenldap-debuginfo-2.4.39-7.el7_1.i686.rpm\nopenldap-debuginfo-2.4.39-7.el7_1.x86_64.rpm\nopenldap-devel-2.4.39-7.el7_1.i686.rpm\nopenldap-devel-2.4.39-7.el7_1.x86_64.rpm\nopenldap-servers-2.4.39-7.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenldap-2.4.39-7.ael7b_1.src.rpm\n\nppc64le:\nopenldap-2.4.39-7.ael7b_1.ppc64le.rpm\nopenldap-clients-2.4.39-7.ael7b_1.ppc64le.rpm\nopenldap-debuginfo-2.4.39-7.ael7b_1.ppc64le.rpm\nopenldap-devel-2.4.39-7.ael7b_1.ppc64le.rpm\nopenldap-servers-2.4.39-7.ael7b_1.ppc64le.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenldap-debuginfo-2.4.39-7.el7_1.ppc64.rpm\nopenldap-servers-sql-2.4.39-7.el7_1.ppc64.rpm\n\ns390x:\nopenldap-debuginfo-2.4.39-7.el7_1.s390x.rpm\nopenldap-servers-sql-2.4.39-7.el7_1.s390x.rpm\n\nx86_64:\nopenldap-debuginfo-2.4.39-7.el7_1.x86_64.rpm\nopenldap-servers-sql-2.4.39-7.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64le:\nopenldap-debuginfo-2.4.39-7.ael7b_1.ppc64le.rpm\nopenldap-servers-sql-2.4.39-7.ael7b_1.ppc64le.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenldap-2.4.39-7.el7_1.src.rpm\n\nx86_64:\nopenldap-2.4.39-7.el7_1.i686.rpm\nopenldap-2.4.39-7.el7_1.x86_64.rpm\nopenldap-clients-2.4.39-7.el7_1.x86_64.rpm\nopenldap-debuginfo-2.4.39-7.el7_1.i686.rpm\nopenldap-debuginfo-2.4.39-7.el7_1.x86_64.rpm\nopenldap-devel-2.4.39-7.el7_1.i686.rpm\nopenldap-devel-2.4.39-7.el7_1.x86_64.rpm\nopenldap-servers-2.4.39-7.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenldap-debuginfo-2.4.39-7.el7_1.x86_64.rpm\nopenldap-servers-sql-2.4.39-7.el7_1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-6908\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWCmcKXlSAg2UNWIIRAgn9AKC6H/fZbUDj3e0AyA/xkOrOx+U+/QCeIpMZ\niKKXpo+XKDlK4zZLlWedI64=\n=yvhg\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 2.4.31-2+deb7u1. \n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2.4.40+dfsg-1+deb8u1. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.4.42+dfsg-2. ============================================================================\nUbuntu Security Notice USN-2742-1\nSeptember 16, 2015\n\nopenldap vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 15.04\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenLDAP. (CVE-2015-6908)\n\nDietrich Clauss discovered that the OpenLDAP package incorrectly shipped\nwith a potentially unsafe default access control configuration. Depending\non how the database is configure, this may allow users to impersonate\nothers by modifying attributes such as their Unix user and group numbers. \n(CVE-2014-9713)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 15.04:\n slapd 2.4.31-1+nmu2ubuntu12.3\n\nUbuntu 14.04 LTS:\n slapd 2.4.31-1+nmu2ubuntu8.2\n\nUbuntu 12.04 LTS:\n slapd 2.4.28-1.1ubuntu4.6\n\nIn general, a standard system update will make all the necessary changes. \n\nFor existing installations, access rules that begin with \"to *\" need to be\nmanually adjusted to remove any instances of \"by self write\"",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6908"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004685"
},
{
"db": "BID",
"id": "76714"
},
{
"db": "VULHUB",
"id": "VHN-84869"
},
{
"db": "VULMON",
"id": "CVE-2015-6908"
},
{
"db": "PACKETSTORM",
"id": "134748"
},
{
"db": "PACKETSTORM",
"id": "133775"
},
{
"db": "PACKETSTORM",
"id": "133529"
},
{
"db": "PACKETSTORM",
"id": "133573"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-84869",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=38145",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84869"
},
{
"db": "VULMON",
"id": "CVE-2015-6908"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6908",
"trust": 3.3
},
{
"db": "BID",
"id": "76714",
"trust": 1.5
},
{
"db": "SECTRACK",
"id": "1033534",
"trust": 1.2
},
{
"db": "JVN",
"id": "JVNVU97526033",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004685",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201509-148",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "133775",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "133529",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "38145",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-84869",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-6908",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134748",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133573",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84869"
},
{
"db": "VULMON",
"id": "CVE-2015-6908"
},
{
"db": "BID",
"id": "76714"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004685"
},
{
"db": "PACKETSTORM",
"id": "134748"
},
{
"db": "PACKETSTORM",
"id": "133775"
},
{
"db": "PACKETSTORM",
"id": "133529"
},
{
"db": "PACKETSTORM",
"id": "133573"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-148"
},
{
"db": "NVD",
"id": "CVE-2015-6908"
}
]
},
"id": "VAR-201509-0200",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84869"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:26:35.755000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
},
{
"title": "HT205637",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT205637"
},
{
"title": "HT205637",
"trust": 0.8,
"url": "http://support.apple.com/ja-jp/HT205637"
},
{
"title": "ITS#8240 remove obsolete assert",
"trust": 0.8,
"url": "http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=6fe51a9ab04fd28bbc171da3cf12f1c1040d6629"
},
{
"title": "Software Bugs/8240",
"trust": 0.8,
"url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8240"
},
{
"title": "TLSA-2016-1",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2016/TLSA-2016-1j.html"
},
{
"title": "openldap.git-6fe51a9ab04fd28bbc171da3cf12f1c1040d6629",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=57727"
},
{
"title": "Debian CVElist Bug Report Logs: openldap: CVE-2015-6908: ber_get_next denial of service vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=4f5afc1a94fc95c218586f6ada83f20e"
},
{
"title": "Debian Security Advisories: DSA-3356-1 openldap -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=b361240a82d2fc06ecd3518f18637117"
},
{
"title": "Ubuntu Security Notice: openldap vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2742-1"
},
{
"title": "Amazon Linux AMI: ALAS-2015-599",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-599"
},
{
"title": "Apple: OS X El Capitan 10.11.2, Security Update\u00a02015-005 Yosemite, and Security Update 2015-008 Mavericks",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=b4f5fe7974fd9e73002edba00722e010"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=6c15273f6bf4a785175f27073b98a1ce"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=435ed9abc2fb1e74ce2a69605a01e326"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-6908"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004685"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-148"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84869"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004685"
},
{
"db": "NVD",
"id": "CVE-2015-6908"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1840.html"
},
{
"trust": 1.5,
"url": "http://www.openldap.org/its/index.cgi/software%20bugs?id=8240"
},
{
"trust": 1.5,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"trust": 1.5,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"trust": 1.5,
"url": "http://www.security-assessment.com/files/documents/advisory/openldap-ber_get_next-denial-of-service.pdf"
},
{
"trust": 1.3,
"url": "http://www.ubuntu.com/usn/usn-2742-1"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2015/dec/msg00005.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/76714"
},
{
"trust": 1.2,
"url": "https://support.apple.com/ht205637"
},
{
"trust": 1.2,
"url": "http://www.debian.org/security/2015/dsa-3356"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1033534"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html"
},
{
"trust": 1.0,
"url": "http://www.openldap.org/devel/gitweb.cgi?p=openldap.git%3ba=commit%3bh=6fe51a9ab04fd28bbc171da3cf12f1c1040d6629"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6908"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu97526033/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6908"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-have-been-identified-in-bigfix-platform-shipped-with-ibm-license-metric-tool-2/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6908"
},
{
"trust": 0.3,
"url": "http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=6fe51a9ab04fd28bbc171da3cf12f1c1040d6629"
},
{
"trust": 0.3,
"url": "http://www.openldap.org/"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1262393"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023640"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024650"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099421"
},
{
"trust": 0.2,
"url": "http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=6fe51a9ab04fd28bbc171da3cf12f1c1040d6629"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=41267"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/38145/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2742-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3807"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7052"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7045"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7044"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7047"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7046"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7060"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7043"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7058"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7053"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7042"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0876"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2895"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7059"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5334"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7039"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7054"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7063"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5333"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7062"
},
{
"trust": 0.1,
"url": "https://support.apple.com/en-us/ht205081"
},
{
"trust": 0.1,
"url": "https://support.apple.com/en-us/ht205639"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7061"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1148"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7041"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7038"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-6908"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openldap/2.4.28-1.1ubuntu4.6"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openldap/2.4.31-1+nmu2ubuntu12.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openldap/2.4.31-1+nmu2ubuntu8.2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9713"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84869"
},
{
"db": "VULMON",
"id": "CVE-2015-6908"
},
{
"db": "BID",
"id": "76714"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004685"
},
{
"db": "PACKETSTORM",
"id": "134748"
},
{
"db": "PACKETSTORM",
"id": "133775"
},
{
"db": "PACKETSTORM",
"id": "133529"
},
{
"db": "PACKETSTORM",
"id": "133573"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-148"
},
{
"db": "NVD",
"id": "CVE-2015-6908"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-84869"
},
{
"db": "VULMON",
"id": "CVE-2015-6908"
},
{
"db": "BID",
"id": "76714"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004685"
},
{
"db": "PACKETSTORM",
"id": "134748"
},
{
"db": "PACKETSTORM",
"id": "133775"
},
{
"db": "PACKETSTORM",
"id": "133529"
},
{
"db": "PACKETSTORM",
"id": "133573"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-148"
},
{
"db": "NVD",
"id": "CVE-2015-6908"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-09-11T00:00:00",
"db": "VULHUB",
"id": "VHN-84869"
},
{
"date": "2015-09-11T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6908"
},
{
"date": "2015-09-10T00:00:00",
"db": "BID",
"id": "76714"
},
{
"date": "2015-09-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004685"
},
{
"date": "2015-12-10T17:16:36",
"db": "PACKETSTORM",
"id": "134748"
},
{
"date": "2015-09-30T03:52:34",
"db": "PACKETSTORM",
"id": "133775"
},
{
"date": "2015-09-15T04:46:26",
"db": "PACKETSTORM",
"id": "133529"
},
{
"date": "2015-09-17T03:30:33",
"db": "PACKETSTORM",
"id": "133573"
},
{
"date": "2015-09-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-148"
},
{
"date": "2015-09-11T16:59:12.800000",
"db": "NVD",
"id": "CVE-2015-6908"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-22T00:00:00",
"db": "VULHUB",
"id": "VHN-84869"
},
{
"date": "2016-12-22T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6908"
},
{
"date": "2017-01-12T00:13:00",
"db": "BID",
"id": "76714"
},
{
"date": "2016-01-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004685"
},
{
"date": "2020-07-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-148"
},
{
"date": "2024-11-21T02:35:50.517000",
"db": "NVD",
"id": "CVE-2015-6908"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "133775"
},
{
"db": "PACKETSTORM",
"id": "133529"
},
{
"db": "PACKETSTORM",
"id": "133573"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-148"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenLDAP of libraries/liblber/io.c of ber_get_next Service disruption in functions (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004685"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201509-148"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.