6.8 - GLSA-201406-36

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	OpenLDAP: Multiple vulnerabilities

Informations
Name	GLSA-201406-36	First vendor Publication	2014-06-30
Vendor	Gentoo	Last vendor Modification	2014-06-30
Severity (Vendor)	Normal	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score	6.8	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

Multiple vulnerabilities were found in OpenLDAP, allowing for Denial of Service or a man-in-the-middle attack.

Background

OpenLDAP is an LDAP suite of application and development tools.

Description

Multiple vulnerabilities have been discovered in OpenLDAP. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker might employ a specially crafted certificate to conduct man-in-the-middle attacks on SSL connections made using OpenLDAP, bypass security restrictions or cause a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All OpenLDAP users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-nds/openldap-2.4.35"

References

[ 1 ] CVE-2009-3767 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3767
[ 2 ] CVE-2010-0211 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0211
[ 3 ] CVE-2010-0212 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0212
[ 4 ] CVE-2011-1024 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1024
[ 5 ] CVE-2011-1025 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1025
[ 6 ] CVE-2011-1081 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1081
[ 7 ] CVE-2011-4079 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4079
[ 8 ] CVE-2012-1164 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1164
[ 9 ] CVE-2012-2668 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2668

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201406-36.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201406-36.xml

CWE : Common Weakness Enumeration

%	Id	Name
22 %	CWE-264	Permissions, Privileges, and Access Controls
11 %	CWE-399	Resource Management Errors
11 %	CWE-295	Certificate Issues
11 %	CWE-287	Improper Authentication
11 %	CWE-252	Unchecked Return Value
11 %	CWE-200	Information Exposure
11 %	CWE-189	Numeric Errors (CWE/SANS Top 25)
11 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11178

Oval ID:	oval:org.mitre.oval:def:11178
Title:	libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Description:	libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-3767	Version:	5
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section compat-openldap is earlier than 0:2.3.43-12.el5 AND openldap-servers-overlays is earlier than 0:2.3.43-12.el5 AND openldap-devel is earlier than 0:2.3.43-12.el5 AND openldap-clients is earlier than 0:2.3.43-12.el5 AND openldap is earlier than 0:2.3.43-12.el5 AND openldap-servers-sql is earlier than 0:2.3.43-12.el5 AND openldap-servers is earlier than 0:2.3.43-12.el5

Definition Id: oval:org.mitre.oval:def:12715

Oval ID:	oval:org.mitre.oval:def:12715
Title:	DSA-2077-1 openldap -- several
Description:	Two remote vulnerabilities have been discovered in OpenLDAP. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-0211 The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences. CVE-2010-0212 OpenLDAP 2.4.22 allows remote attackers to cause a denial of service via a modrdn call with a zero-length RDN destination string. For the stable distribution, this problem has been fixed in version 2.4.11-1+lenny2. For the unstable distribution, this problem has been fixed in version 2.4.23-1. We recommend that you upgrade your openldap packages.
Family:	unix	Class:	patch
Reference(s):	DSA-2077-1 CVE-2010-0211 CVE-2010-0212	Version:	5
Platform(s):	Debian GNU/Linux 5.0	Product(s):	openldap
Definition Synopsis:
Debian GNU/Linux 5.0 is installed Packages section slapd-dbg DPKG is earlier than 2.4.11-1+lenny2 AND libldap-2.4-2 DPKG is earlier than 2.4.11-1+lenny2 AND libldap-2.4-2-dbg DPKG is earlier than 2.4.11-1+lenny2 AND ldap-utils DPKG is earlier than 2.4.11-1+lenny2 AND libldap2-dev DPKG is earlier than 2.4.11-1+lenny2 AND slapd DPKG is earlier than 2.4.11-1+lenny2

Definition Id: oval:org.mitre.oval:def:13097

Oval ID:	oval:org.mitre.oval:def:13097
Title:	USN-965-1 -- openldap, openldap2.2, openldap2.3 vulnerabilities
Description:	Using the Codenomicon LDAPv3 test suite, Ilkka Mattila and Tuomas Salomäki discovered that the slap_modrdn2mods function in modrdn.c in OpenLDAP does not check the return value from a call to the smr_normalize function. A remote attacker could use specially crafted modrdn requests to crash the slapd daemon or possibly execute arbitrary code. Using the Codenomicon LDAPv3 test suite, Ilkka Mattila and Tuomas Salomäki discovered that OpenLDAP does not properly handle empty RDN strings. A remote attacker could use specially crafted modrdn requests to crash the slapd daemon. In the default installation under Ubuntu 8.04 LTS and later, attackers would be isolated by the OpenLDAP AppArmor profile for the slapd daemon.
Family:	unix	Class:	patch
Reference(s):	USN-965-1 CVE-2010-0211 CVE-2010-0212	Version:	5
Platform(s):	Ubuntu 8.04 Ubuntu 10.04 Ubuntu 9.10 Ubuntu 6.06 Ubuntu 9.04	Product(s):	openldap openldap2.2 openldap2.3
Definition Synopsis:
Release section Ubuntu 8.04 is installed AND Supported architectures section Installed architecture is sparc AND Installed architecture is i386 AND Installed architecture is amd64 AND Installed architecture is lpia AND Installed architecture is powerpc AND Packages section slapd-dbg DPKG is earlier than 2.4.9-0ubuntu0.8.04.4 AND libldap-2.4-2 DPKG is earlier than 2.4.9-0ubuntu0.8.04.4 AND libldap-2.4-2-dbg DPKG is earlier than 2.4.9-0ubuntu0.8.04.4 AND ldap-utils DPKG is earlier than 2.4.9-0ubuntu0.8.04.4 AND libldap2-dev DPKG is earlier than 2.4.9-0ubuntu0.8.04.4 AND slapd DPKG is earlier than 2.4.9-0ubuntu0.8.04.4 OR Release section Ubuntu 10.04 is installed AND Supported architectures section Installed architecture is sparc AND Installed architecture is i386 AND Installed architecture is amd64 AND Installed architecture is powerpc AND Packages section slapd-dbg DPKG is earlier than 2.4.21-0ubuntu5.2 AND libldap-2.4-2 DPKG is earlier than 2.4.21-0ubuntu5.2 AND libldap-2.4-2-dbg DPKG is earlier than 2.4.21-0ubuntu5.2 AND ldap-utils DPKG is earlier than 2.4.21-0ubuntu5.2 AND libldap2-dev DPKG is earlier than 2.4.21-0ubuntu5.2 AND slapd DPKG is earlier than 2.4.21-0ubuntu5.2 OR Release section Ubuntu 9.10 is installed AND Supported architectures section Installed architecture is sparc AND Installed architecture is i386 AND Installed architecture is amd64 AND Installed architecture is lpia AND Installed architecture is powerpc AND Packages section slapd-dbg DPKG is earlier than 2.4.18-0ubuntu1.1 AND libldap-2.4-2 DPKG is earlier than 2.4.18-0ubuntu1.1 AND libldap-2.4-2-dbg DPKG is earlier than 2.4.18-0ubuntu1.1 AND ldap-utils DPKG is earlier than 2.4.18-0ubuntu1.1 AND libldap2-dev DPKG is earlier than 2.4.18-0ubuntu1.1 AND slapd DPKG is earlier than 2.4.18-0ubuntu1.1 OR Release section Ubuntu 6.06 is installed AND Supported architectures section Installed architecture is sparc AND Installed architecture is i386 AND Installed architecture is amd64 AND Installed architecture is powerpc AND Packages section ldap-utils DPKG is earlier than 2.2.26-5ubuntu2.10 AND libldap-2.2-7 DPKG is earlier than 2.2.26-5ubuntu2.10 AND slapd DPKG is earlier than 2.2.26-5ubuntu2.10 OR Release section Ubuntu 9.04 is installed AND Supported architectures section Installed architecture is sparc AND Installed architecture is i386 AND Installed architecture is amd64 AND Installed architecture is lpia AND Installed architecture is powerpc AND Packages section slapd-dbg DPKG is earlier than 2.4.15-1ubuntu3.1 AND libldap-2.4-2 DPKG is earlier than 2.4.15-1ubuntu3.1 AND libldap-2.4-2-dbg DPKG is earlier than 2.4.15-1ubuntu3.1 AND ldap-utils DPKG is earlier than 2.4.15-1ubuntu3.1 AND libldap2-dev DPKG is earlier than 2.4.15-1ubuntu3.1 AND slapd DPKG is earlier than 2.4.15-1ubuntu3.1

Definition Id: oval:org.mitre.oval:def:13722

Oval ID:	oval:org.mitre.oval:def:13722
Title:	USN-1100-1 -- openldap, openldap2.3 vulnerabilities
Description:	It was discovered that OpenLDAP did not properly check forwarded authentication failures when using a slave server and chain overlay. If OpenLDAP were configured in this manner, an attacker could bypass authentication checks by sending an invalid password to a slave server. It was discovered that OpenLDAP did not properly perform authentication checks to the rootdn when using the back-ndb backend. An attacker could exploit this to access the directory by sending an arbitrary password. Ubuntu does not ship OpenLDAP with back-ndb support by default. This issue did not affect Ubuntu 8.04 LTS. It was discovered that OpenLDAP did not properly validate modrdn requests. An unauthenticated remote user could use this to cause a denial of service via application crash
Family:	unix	Class:	patch
Reference(s):	USN-1100-1 CVE-2011-1024 CVE-2011-1025 CVE-2011-1081	Version:	5
Platform(s):	Ubuntu 8.04 Ubuntu 10.10 Ubuntu 9.10 Ubuntu 10.04	Product(s):	openldap openldap2.3
Definition Synopsis:
Release section Ubuntu 8.04 is installed AND Supported architectures section Installed architecture is sparc AND Installed architecture is i386 AND Installed architecture is amd64 AND Installed architecture is lpia AND Installed architecture is powerpc AND Packages section slapd-dbg DPKG is earlier than 2.4.9-0ubuntu0.8.04.5 AND libldap-2.4-2 DPKG is earlier than 2.4.9-0ubuntu0.8.04.5 AND libldap-2.4-2-dbg DPKG is earlier than 2.4.9-0ubuntu0.8.04.5 AND ldap-utils DPKG is earlier than 2.4.9-0ubuntu0.8.04.5 AND libldap2-dev DPKG is earlier than 2.4.9-0ubuntu0.8.04.5 AND slapd DPKG is earlier than 2.4.9-0ubuntu0.8.04.5 OR Release section Ubuntu 10.10 is installed AND Supported architectures section Installed architecture is i386 AND Installed architecture is armel AND Installed architecture is amd64 AND Installed architecture is powerpc AND Packages section slapd-dbg DPKG is earlier than 2.4.23-0ubuntu3.5 AND libldap-2.4-2 DPKG is earlier than 2.4.23-0ubuntu3.5 AND libldap-2.4-2-dbg DPKG is earlier than 2.4.23-0ubuntu3.5 AND ldap-utils DPKG is earlier than 2.4.23-0ubuntu3.5 AND libldap2-dev DPKG is earlier than 2.4.23-0ubuntu3.5 AND slapd DPKG is earlier than 2.4.23-0ubuntu3.5 OR Release section Ubuntu 9.10 is installed AND Supported architectures section Installed architecture is amd64 AND Installed architecture is i386 AND Installed architecture is powerpc AND Installed architecture is sparc AND Installed architecture is armel AND Installed architecture is lpia AND Packages section slapd-dbg DPKG is earlier than 2.4.18-0ubuntu1.2 AND libldap-2.4-2 DPKG is earlier than 2.4.18-0ubuntu1.2 AND libldap-2.4-2-dbg DPKG is earlier than 2.4.18-0ubuntu1.2 AND ldap-utils DPKG is earlier than 2.4.18-0ubuntu1.2 AND libldap2-dev DPKG is earlier than 2.4.18-0ubuntu1.2 AND slapd DPKG is earlier than 2.4.18-0ubuntu1.2 OR Release section Ubuntu 10.04 is installed AND Supported architectures section Installed architecture is sparc AND Installed architecture is i386 AND Installed architecture is armel AND Installed architecture is amd64 AND Installed architecture is powerpc AND Packages section slapd-dbg DPKG is earlier than 2.4.21-0ubuntu5.4 AND libldap-2.4-2 DPKG is earlier than 2.4.21-0ubuntu5.4 AND libldap-2.4-2-dbg DPKG is earlier than 2.4.21-0ubuntu5.4 AND ldap-utils DPKG is earlier than 2.4.21-0ubuntu5.4 AND libldap2-dev DPKG is earlier than 2.4.21-0ubuntu5.4 AND slapd DPKG is earlier than 2.4.21-0ubuntu5.4

Definition Id: oval:org.mitre.oval:def:13869

Oval ID:	oval:org.mitre.oval:def:13869
Title:	USN-858-1 -- openldap2.2 vulnerability
Description:	It was discovered that OpenLDAP did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.
Family:	unix	Class:	patch
Reference(s):	USN-858-1 CVE-2009-3767	Version:	5
Platform(s):	Ubuntu 6.06	Product(s):	openldap2.2
Definition Synopsis:
Ubuntu 6.06 is installed Supported architectures section Installed architecture is sparc AND Installed architecture is i386 AND Installed architecture is amd64 AND Installed architecture is powerpc Packages section ldap-utils DPKG is earlier than 2.2.26-5ubuntu2.9 AND libldap-2.2-7 DPKG is earlier than 2.2.26-5ubuntu2.9 AND slapd DPKG is earlier than 2.2.26-5ubuntu2.9

Definition Id: oval:org.mitre.oval:def:15434

Oval ID:	oval:org.mitre.oval:def:15434
Title:	USN-1266-1 -- OpenLDAP vulnerability
Description:	openldap: OpenLDAP utilities An OpenLDAP server could potentially be made to crash if it received specially crafted network traffic from an authenticated user.
Family:	unix	Class:	patch
Reference(s):	USN-1266-1 CVE-2011-4079	Version:	5
Platform(s):	Ubuntu 11.04 Ubuntu 11.10 Ubuntu 10.04 Ubuntu 10.10	Product(s):	OpenLDAP
Definition Synopsis:
Release section Ubuntu 11.04 is installed AND Installed architecture is all AND slapd DPKG is earlier than 2.4.23-6ubuntu6.1 OR Release section Ubuntu 11.10 is installed AND Installed architecture is all AND slapd DPKG is earlier than 2.4.25-1.1ubuntu4.1 OR Release section Ubuntu 10.04 is installed AND Installed architecture is all AND slapd DPKG is earlier than 2.4.21-0ubuntu5.6 OR Release section Ubuntu 10.10 is installed AND Installed architecture is all AND slapd DPKG is earlier than 2.4.23-0ubuntu3.7

Definition Id: oval:org.mitre.oval:def:19902

Oval ID:	oval:org.mitre.oval:def:19902
Title:	VMware ESX third party updates for Service Console packages glibc, sudo, and openldap
Description:	OpenLDAP 2.4.22 allows remote attackers to cause a denial of service (crash) via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2010-0212	Version:	4
Platform(s):	VMWare ESX Server 4.0	Product(s):
Definition Synopsis:
Patch ESX400-201101402-SG is not installed VMware ESX Server 4.0 is installed AND Patch ESX400-201101402-SG is not installed

Definition Id: oval:org.mitre.oval:def:20225

Oval ID:	oval:org.mitre.oval:def:20225
Title:	DSA-1943-1 openldap openldap2.3 - SSL certificate
Description:	It was discovered that OpenLDAP, a free implementation of the Lightweight Directory Access Protocol, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
Family:	unix	Class:	patch
Reference(s):	DSA-1943-1 CVE-2009-3767	Version:	5
Platform(s):	Debian GNU/Linux 4.0 Debian GNU/Linux 5.0	Product(s):	openldap2.3 openldap
Definition Synopsis:
Release section Debian GNU/Linux 4.0 is installed. AND openldap2.3 DPKG is earlier than 0:2.3.30-5+etch3 AND Release section Debian GNU/Linux 5.0 is installed AND openldap DPKG is earlier than 0:2.4.11-1+lenny1

Definition Id: oval:org.mitre.oval:def:20506

Oval ID:	oval:org.mitre.oval:def:20506
Title:	VMware ESX third party updates for Service Console packages glibc, sudo, and openldap
Description:	The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2010-0211	Version:	4
Platform(s):	VMWare ESX Server 4.0	Product(s):
Definition Synopsis:
Patch ESX400-201101402-SG is not installed VMware ESX Server 4.0 is installed AND Patch ESX400-201101402-SG is not installed

Definition Id: oval:org.mitre.oval:def:21504

Oval ID:	oval:org.mitre.oval:def:21504
Title:	RHSA-2012:0899: openldap security and bug fix update (Low)
Description:	slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:0899-04 CESA-2012:0899 CVE-2012-1164	Version:	4
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	openldap
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section openldap-servers is earlier than 0:2.4.23-26.el6 AND openldap is earlier than 0:2.4.23-26.el6 AND openldap-clients is earlier than 0:2.4.23-26.el6 AND openldap-devel is earlier than 0:2.4.23-26.el6 AND openldap-servers-sql is earlier than 0:2.4.23-26.el6

Definition Id: oval:org.mitre.oval:def:21596

Oval ID:	oval:org.mitre.oval:def:21596
Title:	RHSA-2012:1151: openldap security and bug fix update (Low)
Description:	libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive information.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:1151-01 CESA-2012:1151 CVE-2012-2668	Version:	4
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	openldap
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section openldap-servers is earlier than 0:2.4.23-26.el6_3.2 AND openldap is earlier than 0:2.4.23-26.el6_3.2 AND openldap-clients is earlier than 0:2.4.23-26.el6_3.2 AND openldap-devel is earlier than 0:2.4.23-26.el6_3.2 AND openldap-servers-sql is earlier than 0:2.4.23-26.el6_3.2

Definition Id: oval:org.mitre.oval:def:21750

Oval ID:	oval:org.mitre.oval:def:21750
Title:	RHSA-2011:0347: openldap security update (Moderate)
Description:	modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service (daemon crash) via a relative Distinguished Name (DN) modification request (aka MODRDN operation) that contains an empty value for the OldDN field.
Family:	unix	Class:	patch
Reference(s):	RHSA-2011:0347-01 CVE-2011-1024 CVE-2011-1025 CVE-2011-1081	Version:	42
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	openldap
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section openldap-servers is earlier than 0:2.4.19-15.el6_0.2 AND compat-openldap is earlier than 0:2.4.19_2.3.43-15.el6_0.2 AND openldap is earlier than 0:2.4.19-15.el6_0.2 AND openldap-clients is earlier than 0:2.4.19-15.el6_0.2 AND openldap-devel is earlier than 0:2.4.19-15.el6_0.2 AND openldap-servers-sql is earlier than 0:2.4.19-15.el6_0.2

Definition Id: oval:org.mitre.oval:def:21799

Oval ID:	oval:org.mitre.oval:def:21799
Title:	RHSA-2010:0198: openldap security and bug fix update (Moderate)
Description:	libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Family:	unix	Class:	patch
Reference(s):	RHSA-2010:0198-04 CVE-2009-3767	Version:	4
Platform(s):	Red Hat Enterprise Linux 5	Product(s):	openldap
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 5 Packages section openldap-devel is earlier than 0:2.3.43-12.el5 AND openldap-clients is earlier than 0:2.3.43-12.el5 AND openldap-servers-sql is earlier than 0:2.3.43-12.el5 AND compat-openldap is earlier than 0:2.3.43_2.2.29-12.el5 AND openldap is earlier than 0:2.3.43-12.el5 AND openldap-servers is earlier than 0:2.3.43-12.el5 AND openldap-servers-overlays is earlier than 0:2.3.43-12.el5

Definition Id: oval:org.mitre.oval:def:21865

Oval ID:	oval:org.mitre.oval:def:21865
Title:	RHSA-2011:0346: openldap security and bug fix update (Moderate)
Description:	chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server.
Family:	unix	Class:	patch
Reference(s):	RHSA-2011:0346-01 CESA-2011:0346 CVE-2011-1024	Version:	4
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	openldap
Definition Synopsis:
Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages section openldap-devel is earlier than 0:2.3.43-12.el5_6.7 AND openldap-clients is earlier than 0:2.3.43-12.el5_6.7 AND openldap-servers-sql is earlier than 0:2.3.43-12.el5_6.7 AND compat-openldap is earlier than 0:2.3.43_2.2.29-12.el5_6.7 AND openldap is earlier than 0:2.3.43-12.el5_6.7 AND openldap-servers is earlier than 0:2.3.43-12.el5_6.7 AND openldap-servers-overlays is earlier than 0:2.3.43-12.el5_6.7

Definition Id: oval:org.mitre.oval:def:22380

Oval ID:	oval:org.mitre.oval:def:22380
Title:	RHSA-2010:0542: openldap security update (Moderate)
Description:	OpenLDAP 2.4.22 allows remote attackers to cause a denial of service (crash) via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite.
Family:	unix	Class:	patch
Reference(s):	RHSA-2010:0542-01 CESA-2010:0542 CVE-2010-0211 CVE-2010-0212	Version:	29
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	openldap
Definition Synopsis:
Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages section openldap-devel is earlier than 0:2.3.43-12.el5_5.1 AND openldap-clients is earlier than 0:2.3.43-12.el5_5.1 AND openldap-servers-sql is earlier than 0:2.3.43-12.el5_5.1 AND compat-openldap is earlier than 0:2.3.43_2.2.29-12.el5_5.1 AND openldap is earlier than 0:2.3.43-12.el5_5.1 AND openldap-servers is earlier than 0:2.3.43-12.el5_5.1 AND openldap-servers-overlays is earlier than 0:2.3.43-12.el5_5.1

Definition Id: oval:org.mitre.oval:def:22679

Oval ID:	oval:org.mitre.oval:def:22679
Title:	ELSA-2011:0347: openldap security update (Moderate)
Description:	modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service (daemon crash) via a relative Distinguished Name (DN) modification request (aka MODRDN operation) that contains an empty value for the OldDN field.
Family:	unix	Class:	patch
Reference(s):	ELSA-2011:0347-01 CVE-2011-1024 CVE-2011-1025 CVE-2011-1081	Version:	17
Platform(s):	Oracle Linux 6	Product(s):	openldap
Definition Synopsis:
Oracle Linux 6.x rpm test openldap-servers is earlier than 0:2.4.19-15.el6_0.2 AND compat-openldap is earlier than 0:2.4.19_2.3.43-15.el6_0.2 AND openldap is earlier than 0:2.4.19-15.el6_0.2 AND openldap-clients is earlier than 0:2.4.19-15.el6_0.2 AND openldap-devel is earlier than 0:2.4.19-15.el6_0.2 AND openldap-servers-sql is earlier than 0:2.4.19-15.el6_0.2

Definition Id: oval:org.mitre.oval:def:22857

Oval ID:	oval:org.mitre.oval:def:22857
Title:	ELSA-2010:0542: openldap security update (Moderate)
Description:	OpenLDAP 2.4.22 allows remote attackers to cause a denial of service (crash) via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite.
Family:	unix	Class:	patch
Reference(s):	ELSA-2010:0542-01 CVE-2010-0211 CVE-2010-0212	Version:	13
Platform(s):	Oracle Linux 5	Product(s):	openldap
Definition Synopsis:
Oracle Linux 5.x rpm test openldap-devel is earlier than 0:2.3.43-12.el5_5.1 AND openldap-clients is earlier than 0:2.3.43-12.el5_5.1 AND openldap-servers-sql is earlier than 0:2.3.43-12.el5_5.1 AND compat-openldap is earlier than 0:2.3.43_2.2.29-12.el5_5.1 AND openldap is earlier than 0:2.3.43-12.el5_5.1 AND openldap-servers is earlier than 0:2.3.43-12.el5_5.1 AND openldap-servers-overlays is earlier than 0:2.3.43-12.el5_5.1

Definition Id: oval:org.mitre.oval:def:23047

Oval ID:	oval:org.mitre.oval:def:23047
Title:	ELSA-2010:0198: openldap security and bug fix update (Moderate)
Description:	libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Family:	unix	Class:	patch
Reference(s):	ELSA-2010:0198-04 CVE-2009-3767	Version:	6
Platform(s):	Oracle Linux 5	Product(s):	openldap
Definition Synopsis:
Oracle Linux 5.x rpm test openldap-devel is earlier than 0:2.3.43-12.el5 AND openldap-clients is earlier than 0:2.3.43-12.el5 AND openldap-servers-sql is earlier than 0:2.3.43-12.el5 AND compat-openldap is earlier than 0:2.3.43_2.2.29-12.el5 AND openldap is earlier than 0:2.3.43-12.el5 AND openldap-servers is earlier than 0:2.3.43-12.el5 AND openldap-servers-overlays is earlier than 0:2.3.43-12.el5

Definition Id: oval:org.mitre.oval:def:23088

Oval ID:	oval:org.mitre.oval:def:23088
Title:	ELSA-2011:0346: openldap security and bug fix update (Moderate)
Description:	chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server.
Family:	unix	Class:	patch
Reference(s):	ELSA-2011:0346-01 CVE-2011-1024	Version:	6
Platform(s):	Oracle Linux 5	Product(s):	openldap
Definition Synopsis:
Oracle Linux 5.x rpm test openldap-devel is earlier than 0:2.3.43-12.el5_6.7 AND openldap-clients is earlier than 0:2.3.43-12.el5_6.7 AND openldap-servers-sql is earlier than 0:2.3.43-12.el5_6.7 AND compat-openldap is earlier than 0:2.3.43_2.2.29-12.el5_6.7 AND openldap is earlier than 0:2.3.43-12.el5_6.7 AND openldap-servers is earlier than 0:2.3.43-12.el5_6.7 AND openldap-servers-overlays is earlier than 0:2.3.43-12.el5_6.7

Definition Id: oval:org.mitre.oval:def:23471

Oval ID:	oval:org.mitre.oval:def:23471
Title:	ELSA-2012:1151: openldap security and bug fix update (Low)
Description:	libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive information.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:1151-01 CVE-2012-2668	Version:	6
Platform(s):	Oracle Linux 6	Product(s):	openldap
Definition Synopsis:
Oracle Linux 6.x rpm test openldap-servers is earlier than 0:2.4.23-26.el6_3.2 AND openldap is earlier than 0:2.4.23-26.el6_3.2 AND openldap-clients is earlier than 0:2.4.23-26.el6_3.2 AND openldap-devel is earlier than 0:2.4.23-26.el6_3.2 AND openldap-servers-sql is earlier than 0:2.4.23-26.el6_3.2

Definition Id: oval:org.mitre.oval:def:23631

Oval ID:	oval:org.mitre.oval:def:23631
Title:	ELSA-2012:0899: openldap security and bug fix update (Low)
Description:	slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:0899-04 CVE-2012-1164	Version:	6
Platform(s):	Oracle Linux 6	Product(s):	openldap
Definition Synopsis:
Oracle Linux 6.x rpm test openldap-servers is earlier than 0:2.4.23-26.el6 AND openldap is earlier than 0:2.4.23-26.el6 AND openldap-clients is earlier than 0:2.4.23-26.el6 AND openldap-devel is earlier than 0:2.4.23-26.el6 AND openldap-servers-sql is earlier than 0:2.4.23-26.el6

Definition Id: oval:org.mitre.oval:def:27053

Oval ID:	oval:org.mitre.oval:def:27053
Title:	DEPRECATED: ELSA-2012-1151 -- openldap security and bug fix update (low)
Description:	[2.4.23-26.2] - CVE-2012-2668 (#825875) cipher suite selection by name can be ignored default cipher suite is always selected [2.4.23-26.1] - fix: smbk5pwd module computes invalid LM hashes (#820278)
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-1151 CVE-2012-2668	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	openldap
Definition Synopsis:
Oracle Linux 6.x Packages match section openldap is earlier than 0:2.4.23-26.el6_3.2 AND openldap-clients is earlier than 0:2.4.23-26.el6_3.2 AND openldap-devel is earlier than 0:2.4.23-26.el6_3.2 AND openldap-servers is earlier than 0:2.4.23-26.el6_3.2 AND openldap-servers-sql is earlier than 0:2.4.23-26.el6_3.2

Definition Id: oval:org.mitre.oval:def:27370

Oval ID:	oval:org.mitre.oval:def:27370
Title:	DEPRECATED: ELSA-2011-0346 -- openldap security and bug fix update (moderate)
Description:	[2.3.43-12.7] - fix: CVE-2011-1024 ppolicy forwarded bind failure messages cause success (#680484) [2.3.43-12.6] - fix: slapd concurrent access to connections causes slapd to silently die (#677611)
Family:	unix	Class:	patch
Reference(s):	ELSA-2011-0346 CVE-2011-1024	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	openldap
Definition Synopsis:
Oracle Linux 5.x Packages match section openldap is earlier than 0:2.3.43-12.el5_6.7 AND compat-openldap is earlier than 0:2.3.43_2.2.29-12.el5_6.7 AND openldap-clients is earlier than 0:2.3.43-12.el5_6.7 AND openldap-devel is earlier than 0:2.3.43-12.el5_6.7 AND openldap-servers is earlier than 0:2.3.43-12.el5_6.7 AND openldap-servers-overlays is earlier than 0:2.3.43-12.el5_6.7 AND openldap-servers-sql is earlier than 0:2.3.43-12.el5_6.7

Definition Id: oval:org.mitre.oval:def:27559

Oval ID:	oval:org.mitre.oval:def:27559
Title:	DEPRECATED: ELSA-2012-0899 -- openldap security and bug fix update (low)
Description:	[2.4.23-26] - fix: MozNSS CA cert dir does not work together with PEM CA cert file (#818844) - fix: memory leak: def_urlpre is not freed (#816168) - fix update: Default SSL certificate bundle is not found by openldap library (#742023) [2.4.23-25] - fix update: Default SSL certificate bundle is not found by openldap library (#742023) [2.4.23-24] - fix update: Default SSL certificate bundle is not found by openldap library (#742023) - fix: memberof overlay on the frontend database causes server segfault (#730745) [2.4.23-23] - security fix: CVE-2012-1164: assertion failure by processing search queries requesting only attributes for particular entry (#813162) [2.4.23-22] - fix: libraries leak memory when following referrals (#807363) [2.4.23-21] - fix: ldapsearch crashes with invalid parameters (#743781) - fix: replication (syncrepl) with TLS causes segfault (#783445) - fix: openldap server in MirrorMode sometimes fails to resync via syncrepl (#784211) - use portreserve to reserve LDAPS port (636/tcp+udp) (#790687) - fix: missing options in manual pages of client tools (#745470) - fix: SASL_NOCANON option missing in ldap.conf manual page (#732916) - fix: slapd segfaults when certificate key cannot be loaded (#796808) - Jan Synacek <jsynacek@redhat.com> + fix: overlay constraint with count option work bad with modify operation (#742163) + fix: Default SSL certificate bundle is not found by openldap library (#742023) + fix: Duplicate close() calls in OpenLDAP (#784203)
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-0899 CVE-2012-1164	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	openldap
Definition Synopsis:
Oracle Linux 6.x Packages match section openldap is earlier than 0:2.4.23-26.el6 AND openldap-clients is earlier than 0:2.4.23-26.el6 AND openldap-devel is earlier than 0:2.4.23-26.el6 AND openldap-servers is earlier than 0:2.4.23-26.el6 AND openldap-servers-sql is earlier than 0:2.4.23-26.el6

Definition Id: oval:org.mitre.oval:def:27588

Oval ID:	oval:org.mitre.oval:def:27588
Title:	DEPRECATED: ELSA-2010-0542 -- openldap security update (moderate)
Description:	[2.3.43-12.1] - fixed segfault issues in modrdn (#606375) - added patch handling null char in TLS to compat package (#606375, patch backported by Jan Vcelak <jvcelak@redhat.com>)
Family:	unix	Class:	patch
Reference(s):	ELSA-2010-0542 CVE-2010-0211 CVE-2010-0212	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	openldap
Definition Synopsis:
Oracle Linux 5.x Packages match section openldap is earlier than 0:2.3.43-12.el5_5.1 AND compat-openldap is earlier than 0:2.3.43_2.2.29-12.el5_5.1 AND openldap-clients is earlier than 0:2.3.43-12.el5_5.1 AND openldap-devel is earlier than 0:2.3.43-12.el5_5.1 AND openldap-servers is earlier than 0:2.3.43-12.el5_5.1 AND openldap-servers-overlays is earlier than 0:2.3.43-12.el5_5.1 AND openldap-servers-sql is earlier than 0:2.3.43-12.el5_5.1

Definition Id: oval:org.mitre.oval:def:28071

Oval ID:	oval:org.mitre.oval:def:28071
Title:	DEPRECATED: ELSA-2011-0347 -- openldap security update (moderate)
Description:	[2.4.19-15.2] - fix: security - DoS when submitting special MODRDN request (#680975) [2.4.19-15.1] - fix: CVE-2011-1024 ppolicy forwarded bind failure messages cause success - fix: CVE-2011-1025 rootpw is not verified for ndb backend
Family:	unix	Class:	patch
Reference(s):	ELSA-2011-0347 CVE-2011-1024 CVE-2011-1025 CVE-2011-1081	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	openldap
Definition Synopsis:
Oracle Linux 6.x Packages match section openldap is earlier than 0:2.4.19-15.el6_0.2 AND compat-openldap is earlier than 0:2.4.19_2.3.43-15.el6_0.2 AND openldap-clients is earlier than 0:2.4.19-15.el6_0.2 AND openldap-devel is earlier than 0:2.4.19-15.el6_0.2 AND openldap-servers is earlier than 0:2.4.19-15.el6_0.2 AND openldap-servers-sql is earlier than 0:2.4.19-15.el6_0.2

Definition Id: oval:org.mitre.oval:def:28271

Oval ID:	oval:org.mitre.oval:def:28271
Title:	DEPRECATED: ELSA-2010-0198 -- openldap security and bug fix update (moderate)
Description:	[2.3.43-12] - updated spec file, so the compat-libs linking patch applies correctly [2.3.43-11] - backported patch to handle null character in TLS certificates (#560912) [2.3.43-10] - updated chase-referral patch to compile cleanly - updated init script (#562714) [2.3.43-9] - updated ldap.sysconf to include SLAPD_LDAP, SLAPD_LDAPS and SLAPD_LDAPI options (#559520) [2.3.43-8] - fixed connection freeze when TLSVerifyClient = allow (#509230) [2.3.43-7] - fixed chasing referrals in libldap (#510522) [2.3.43-6] - fixed possible double free() in rwm overlay (#495628) - updated slapd man page and slapcat usage string (#468206) - updated default config for slapd - deleted syncprov module (#466937) - fixed migration tools autofs generated format (#460331) - fixed migration tools numbers detection in /etc/shadow (#113857) - fixed migration tools base ldif (#104585) [2.3.43-5] - implementation of limit adjustment before starting slapd (#527313) - init script no longer executes script in /tmp (#483356) - slapd not starting with ldap:/// every time (#481003) - delay between TERM and KILL when shutting down slapd (#452064) [2.3.43-4] - fixed compat libs linking (#503734) - activated lightweight dispatcher feature (#507276) - detection of timeout after failed result (#495701
Family:	unix	Class:	patch
Reference(s):	ELSA-2010-0198 CVE-2009-3767	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	openldap
Definition Synopsis:
Oracle Linux 5.x Packages match section openldap is earlier than 0:2.3.43-12.el5 AND compat-openldap is earlier than 0:2.3.43_2.2.29-12.el5 AND openldap-clients is earlier than 0:2.3.43-12.el5 AND openldap-devel is earlier than 0:2.3.43-12.el5 AND openldap-servers is earlier than 0:2.3.43-12.el5 AND openldap-servers-overlays is earlier than 0:2.3.43-12.el5 AND openldap-servers-sql is earlier than 0:2.3.43-12.el5

Definition Id: oval:org.mitre.oval:def:7274

Oval ID:	oval:org.mitre.oval:def:7274
Title:	VMware ESX, Service Console update for OpenLDAP.
Description:	libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-3767	Version:	5
Platform(s):	VMWare ESX Server 4.0	Product(s):
Definition Synopsis:
VMware ESX Server 4.0 is installed AND Patch ESX400-201009408-SG is not installed.

Definition Id: oval:org.mitre.oval:def:7899

Oval ID:	oval:org.mitre.oval:def:7899
Title:	DSA-1943 openldap openldap2.3 -- insufficient input validation
Description:	It was discovered that OpenLDAP, a free implementation of the Lightweight Directory Access Protocol, when OpenSSL is used, does not properly handle a "\0" character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
Family:	unix	Class:	patch
Reference(s):	DSA-1943 CVE-2009-3767	Version:	3
Platform(s):	Debian GNU/Linux 5.0 Debian GNU/Linux 4.0	Product(s):	openldap openldap2.3
Definition Synopsis:
Release section Debian GNU/Linux 5.0 is installed AND Supported architectures section Installed architecture is amd64 AND Installed architecture is sparc AND Installed architecture is arm AND Installed architecture is i386 AND Installed architecture is mips AND Installed architecture is ia64 AND Installed architecture is alpha AND Installed architecture is powerpc AND Installed architecture is hppa AND Packages section slapd-dbg is earlier than 2.4.11-1+lenny1 AND libldap-2.4-2 is earlier than 2.4.11-1+lenny1 AND libldap-2.4-2-dbg is earlier than 2.4.11-1+lenny1 AND ldap-utils is earlier than 2.4.11-1+lenny1 AND libldap2-dev is earlier than 2.4.11-1+lenny1 AND slapd is earlier than 2.4.11-1+lenny1 OR Release section Debian GNU/Linux 4.0 is installed. AND Packages section libldap-2.3-0 is earlier than 2.3.30-5+etch3 AND ldap-utils is earlier than 2.3.30-5+etch3 AND slapd is earlier than 2.3.30-5+etch3

CPE : Common Platform Enumeration

Type	Description	Count
Application	Apple Mac Os X cpe:2.3:a:apple:mac_os_x:10.5.6:::::::* cpe:2.3:a:apple:mac_os_x::::::::	2
Application	Openldap cpe:2.3:a:openldap:openldap:2.4.9:::::::* cpe:2.3:a:openldap:openldap:2.4.8:::::::* cpe:2.3:a:openldap:openldap:2.4.7:::::::* cpe:2.3:a:openldap:openldap:2.4.6:::::::* cpe:2.3:a:openldap:openldap:2.4.31:::::::* cpe:2.3:a:openldap:openldap:2.4.30:::::::* cpe:2.3:a:openldap:openldap:2.4.3:::::::* cpe:2.3:a:openldap:openldap:2.4.29:::::::* cpe:2.3:a:openldap:openldap:2.4.28:::::::* cpe:2.3:a:openldap:openldap:2.4.27:::::::* cpe:2.3:a:openldap:openldap:2.4.26:::::::* cpe:2.3:a:openldap:openldap:2.4.25:::::::* cpe:2.3:a:openldap:openldap:2.4.24:::::::* cpe:2.3:a:openldap:openldap:2.4.23:::::::* cpe:2.3:a:openldap:openldap:2.4.22:::::::* cpe:2.3:a:openldap:openldap:2.4.21:::::::* cpe:2.3:a:openldap:openldap:2.4.20:::::::* cpe:2.3:a:openldap:openldap:2.4.19:::::::* cpe:2.3:a:openldap:openldap:2.4.18:::::::* cpe:2.3:a:openldap:openldap:2.4.17:::::::* cpe:2.3:a:openldap:openldap:2.4.16:::::::* cpe:2.3:a:openldap:openldap:2.4.15:::::::* cpe:2.3:a:openldap:openldap:2.4.14:::::::* cpe:2.3:a:openldap:openldap:2.4.13:::::::* cpe:2.3:a:openldap:openldap:2.4.12:::::::* cpe:2.3:a:openldap:openldap:2.4.11:::::::* cpe:2.3:a:openldap:openldap:2.4.10:::::::* cpe:2.3:a:openldap:openldap:2.4:::::::* cpe:2.3:a:openldap:openldap:2.3.9:::::::* cpe:2.3:a:openldap:openldap:2.3.8:::::::* cpe:2.3:a:openldap:openldap:2.3.7:::::::* cpe:2.3:a:openldap:openldap:2.3.6:::::::* cpe:2.3:a:openldap:openldap:2.3.5:::::::* cpe:2.3:a:openldap:openldap:2.3.43:::::::* cpe:2.3:a:openldap:openldap:2.3.42:::::::* cpe:2.3:a:openldap:openldap:2.3.41:::::::* cpe:2.3:a:openldap:openldap:2.3.40:::::::* cpe:2.3:a:openldap:openldap:2.3.4:::::::* cpe:2.3:a:openldap:openldap:2.3.39:::::::* cpe:2.3:a:openldap:openldap:2.3.38:::::::* cpe:2.3:a:openldap:openldap:2.3.37:::::::* cpe:2.3:a:openldap:openldap:2.3.36:::::::* cpe:2.3:a:openldap:openldap:2.3.35:::::::* cpe:2.3:a:openldap:openldap:2.3.34:::::::* cpe:2.3:a:openldap:openldap:2.3.33:::::::* cpe:2.3:a:openldap:openldap:2.3.32:::::::* cpe:2.3:a:openldap:openldap:2.3.31:::::::* cpe:2.3:a:openldap:openldap:2.3.30:::::::* cpe:2.3:a:openldap:openldap:2.3.29:::::::* cpe:2.3:a:openldap:openldap:2.3.28_e1.0.0:::::::* cpe:2.3:a:openldap:openldap:2.3.28_20061022:::::::* cpe:2.3:a:openldap:openldap:2.3.28_2006-10-22:::::::* cpe:2.3:a:openldap:openldap:2.3.28_2.20061022:::::::* cpe:2.3:a:openldap:openldap:2.3.28_2_2006-10-22:::::::* cpe:2.3:a:openldap:openldap:2.3.28:::::::* cpe:2.3:a:openldap:openldap:2.3.27_2.20061018:::::::* cpe:2.3:a:openldap:openldap:2.3.27_2_2006-10-18:::::::* cpe:2.3:a:openldap:openldap:2.3.27:::::::* cpe:2.3:a:openldap:openldap:2.3.26:::::::* cpe:2.3:a:openldap:openldap:2.3.25:::::::* cpe:2.3:a:openldap:openldap:2.3.24:::::::* cpe:2.3:a:openldap:openldap:2.3.23:::::::* cpe:2.3:a:openldap:openldap:2.3.22:::::::* cpe:2.3:a:openldap:openldap:2.3.21:::::::* cpe:2.3:a:openldap:openldap:2.3.20:::::::* cpe:2.3:a:openldap:openldap:2.3.19:::::::* cpe:2.3:a:openldap:openldap:2.3.18:::::::* cpe:2.3:a:openldap:openldap:2.3.17:::::::* cpe:2.3:a:openldap:openldap:2.3.16:::::::* cpe:2.3:a:openldap:openldap:2.3.15:::::::* cpe:2.3:a:openldap:openldap:2.3.14:::::::* cpe:2.3:a:openldap:openldap:2.3.13:::::::* cpe:2.3:a:openldap:openldap:2.3.12:::::::* cpe:2.3:a:openldap:openldap:2.3.11:::::::* cpe:2.3:a:openldap:openldap:2.3.10:::::::* cpe:2.3:a:openldap:openldap:2.2.9:::::::* cpe:2.3:a:openldap:openldap:2.2.8:::::::* cpe:2.3:a:openldap:openldap:2.2.7:::::::* cpe:2.3:a:openldap:openldap:2.2.6:::::::* cpe:2.3:a:openldap:openldap:2.2.5:::::::* cpe:2.3:a:openldap:openldap:2.2.4:::::::* cpe:2.3:a:openldap:openldap:2.2.29_rev_1.134:::::::* cpe:2.3:a:openldap:openldap:2.2.28_r2:::::::* cpe:2.3:a:openldap:openldap:2.2.27:::::::* cpe:2.3:a:openldap:openldap:2.2.26:::::::* cpe:2.3:a:openldap:openldap:2.2.25:::::::* cpe:2.3:a:openldap:openldap:2.2.24:::::::* cpe:2.3:a:openldap:openldap:2.2.23:::::::* cpe:2.3:a:openldap:openldap:2.2.22:::::::* cpe:2.3:a:openldap:openldap:2.2.21:::::::* cpe:2.3:a:openldap:openldap:2.2.20:::::::* cpe:2.3:a:openldap:openldap:2.2.19:::::::* cpe:2.3:a:openldap:openldap:2.2.18:::::::* cpe:2.3:a:openldap:openldap:2.2.17:::::::* cpe:2.3:a:openldap:openldap:2.2.16:::::::* cpe:2.3:a:openldap:openldap:2.2.15:::::::* cpe:2.3:a:openldap:openldap:2.2.14:::::::* cpe:2.3:a:openldap:openldap:2.2.13:::::::* cpe:2.3:a:openldap:openldap:2.2.12:::::::* cpe:2.3:a:openldap:openldap:2.2.11:::::::* cpe:2.3:a:openldap:openldap:2.2.10:::::::* cpe:2.3:a:openldap:openldap:2.2.1:::::::* cpe:2.3:a:openldap:openldap:2.2.0:::::::* cpe:2.3:a:openldap:openldap:2.1.9:::::::* cpe:2.3:a:openldap:openldap:2.1.8:::::::* cpe:2.3:a:openldap:openldap:2.1.7:::::::* cpe:2.3:a:openldap:openldap:2.1.6:::::::* cpe:2.3:a:openldap:openldap:2.1.5:::::::* cpe:2.3:a:openldap:openldap:2.1.4:::::::* cpe:2.3:a:openldap:openldap:2.1.30:::::::* cpe:2.3:a:openldap:openldap:2.1.3:::::::* cpe:2.3:a:openldap:openldap:2.1.29:::::::* cpe:2.3:a:openldap:openldap:2.1.28:::::::* cpe:2.3:a:openldap:openldap:2.1.27:::::::* cpe:2.3:a:openldap:openldap:2.1.26:::::::* cpe:2.3:a:openldap:openldap:2.1.25:::::::* cpe:2.3:a:openldap:openldap:2.1.24:::::::* cpe:2.3:a:openldap:openldap:2.1.23:::::::* cpe:2.3:a:openldap:openldap:2.1.22:::::::* cpe:2.3:a:openldap:openldap:2.1.21:::::::* cpe:2.3:a:openldap:openldap:2.1.20:::::::* cpe:2.3:a:openldap:openldap:2.1.2:::::::* cpe:2.3:a:openldap:openldap:2.1.19:::::::* cpe:2.3:a:openldap:openldap:2.1.18:::::::* cpe:2.3:a:openldap:openldap:2.1.17:::::::* cpe:2.3:a:openldap:openldap:2.1.16:::::::* cpe:2.3:a:openldap:openldap:2.1.15:::::::* cpe:2.3:a:openldap:openldap:2.1.14:::::::* cpe:2.3:a:openldap:openldap:2.1.13:::::::* cpe:2.3:a:openldap:openldap:2.1.12:::::::* cpe:2.3:a:openldap:openldap:2.1.11:::::::* cpe:2.3:a:openldap:openldap:2.1.10:::::::* cpe:2.3:a:openldap:openldap:2.1_.20:::::::* cpe:2.3:a:openldap:openldap:2.0.9:::::::* cpe:2.3:a:openldap:openldap:2.0.8:::::::* cpe:2.3:a:openldap:openldap:2.0.7:::::::* cpe:2.3:a:openldap:openldap:2.0.6:::::::* cpe:2.3:a:openldap:openldap:2.0.5:::::::* cpe:2.3:a:openldap:openldap:2.0.4:::::::* cpe:2.3:a:openldap:openldap:2.0.3:::::::* cpe:2.3:a:openldap:openldap:2.0.27:::::::* cpe:2.3:a:openldap:openldap:2.0.26:::::::* cpe:2.3:a:openldap:openldap:2.0.25:::::::* cpe:2.3:a:openldap:openldap:2.0.24:::::::* cpe:2.3:a:openldap:openldap:2.0.23:::::::* cpe:2.3:a:openldap:openldap:2.0.22:::::::* cpe:2.3:a:openldap:openldap:2.0.21:::::::* cpe:2.3:a:openldap:openldap:2.0.20:::::::* cpe:2.3:a:openldap:openldap:2.0.2:::::::* cpe:2.3:a:openldap:openldap:2.0.19:::::::* cpe:2.3:a:openldap:openldap:2.0.18:::::::* cpe:2.3:a:openldap:openldap:2.0.17:::::::* cpe:2.3:a:openldap:openldap:2.0.16:::::::* cpe:2.3:a:openldap:openldap:2.0.15:::::::* cpe:2.3:a:openldap:openldap:2.0.14:::::::* cpe:2.3:a:openldap:openldap:2.0.13:::::::* cpe:2.3:a:openldap:openldap:2.0.12:::::::* cpe:2.3:a:openldap:openldap:2.0.11_9:::::::* cpe:2.3:a:openldap:openldap:2.0.11_11s:::::::* cpe:2.3:a:openldap:openldap:2.0.11_11:::::::* cpe:2.3:a:openldap:openldap:2.0.11:::::::* cpe:2.3:a:openldap:openldap:2.0.10:::::::* cpe:2.3:a:openldap:openldap:2.0.1:::::::* cpe:2.3:a:openldap:openldap:2.0.0:::::::* cpe:2.3:a:openldap:openldap:2.0:::::::* cpe:2.3:a:openldap:openldap:1.2.9:::::::* cpe:2.3:a:openldap:openldap:1.2.8:::::::* cpe:2.3:a:openldap:openldap:1.2.7:::::::* cpe:2.3:a:openldap:openldap:1.2.6:::::::* cpe:2.3:a:openldap:openldap:1.2.5:::::::* cpe:2.3:a:openldap:openldap:1.2.4:::::::* cpe:2.3:a:openldap:openldap:1.2.3:::::::* cpe:2.3:a:openldap:openldap:1.2.2:::::::* cpe:2.3:a:openldap:openldap:1.2.13:::::::* cpe:2.3:a:openldap:openldap:1.2.12:::::::* cpe:2.3:a:openldap:openldap:1.2.11:::::::* cpe:2.3:a:openldap:openldap:1.2.10:::::::* cpe:2.3:a:openldap:openldap:1.2.1:::::::* cpe:2.3:a:openldap:openldap:1.2.0:::::::* cpe:2.3:a:openldap:openldap:1.2:::::::* cpe:2.3:a:openldap:openldap:1.1.4:::::::* cpe:2.3:a:openldap:openldap:1.1.3:::::::* cpe:2.3:a:openldap:openldap:1.1.2:::::::* cpe:2.3:a:openldap:openldap:1.1.1:::::::* cpe:2.3:a:openldap:openldap:1.1.0:::::::* cpe:2.3:a:openldap:openldap:1.1:::::::* cpe:2.3:a:openldap:openldap:1.0.3:::::::* cpe:2.3:a:openldap:openldap:1.0.2:::::::* cpe:2.3:a:openldap:openldap:1.0.1:::::::* cpe:2.3:a:openldap:openldap:1.0:::::::* cpe:2.3:a:openldap:openldap:::::::: cpe:2.3:a:openldap:openldap:-:::::::*	192
Os	Apple Mac Os X cpe:2.3:o:apple:mac_os_x:10.6.4:::::::* cpe:2.3:o:apple:mac_os_x:10.6.3:::::::* cpe:2.3:o:apple:mac_os_x:10.6.2:::::::* cpe:2.3:o:apple:mac_os_x:10.6.1:::::::* cpe:2.3:o:apple:mac_os_x:10.6.1::server::::: cpe:2.3:o:apple:mac_os_x:10.6.0:::::::* cpe:2.3:o:apple:mac_os_x:10.6:::::::* cpe:2.3:o:apple:mac_os_x:10.6:server:::::: cpe:2.3:o:apple:mac_os_x:10.5.8:::::::* cpe:2.3:o:apple:mac_os_x:10.5.8::server::::: cpe:2.3:o:apple:mac_os_x:10.5.7:::::::* cpe:2.3:o:apple:mac_os_x:10.5.6:::::::* cpe:2.3:o:apple:mac_os_x:10.5.5:::::::* cpe:2.3:o:apple:mac_os_x:10.5.4:::::::* cpe:2.3:o:apple:mac_os_x:10.5.3:::::::* cpe:2.3:o:apple:mac_os_x:10.5.2:::::::* cpe:2.3:o:apple:mac_os_x:10.5.2:2008-002:::::: cpe:2.3:o:apple:mac_os_x:10.5.1:::::::* cpe:2.3:o:apple:mac_os_x:10.5.0:::::::* cpe:2.3:o:apple:mac_os_x:10.5:::::::* cpe:2.3:o:apple:mac_os_x:10.4.9:::::::* cpe:2.3:o:apple:mac_os_x:10.4.8:::::::* cpe:2.3:o:apple:mac_os_x:10.4.8::macbook::::: cpe:2.3:o:apple:mac_os_x:10.4.8::mac_mini::::: cpe:2.3:o:apple:mac_os_x:10.4.8::macbook_pro::::: cpe:2.3:o:apple:mac_os_x:10.4.7:::::::* cpe:2.3:o:apple:mac_os_x:10.4.6:::::::* cpe:2.3:o:apple:mac_os_x:10.4.5:::::::* cpe:2.3:o:apple:mac_os_x:10.4.4:::::::* cpe:2.3:o:apple:mac_os_x:10.4.3:::::::* cpe:2.3:o:apple:mac_os_x:10.4.2:::::::* cpe:2.3:o:apple:mac_os_x:10.4.11:::::::* cpe:2.3:o:apple:mac_os_x:10.4.10:::::::* cpe:2.3:o:apple:mac_os_x:10.4.1:::::::* cpe:2.3:o:apple:mac_os_x:10.4.0:::::::* cpe:2.3:o:apple:mac_os_x:10.4.:::::::* cpe:2.3:o:apple:mac_os_x:10.4:::::::* cpe:2.3:o:apple:mac_os_x:10.3.9:::::::* cpe:2.3:o:apple:mac_os_x:10.3.8:::::::* cpe:2.3:o:apple:mac_os_x:10.3.7:::::::* cpe:2.3:o:apple:mac_os_x:10.3.6:::::::* cpe:2.3:o:apple:mac_os_x:10.3.5:::::::* cpe:2.3:o:apple:mac_os_x:10.3.4:::::::* cpe:2.3:o:apple:mac_os_x:10.3.3:::::::* cpe:2.3:o:apple:mac_os_x:10.3.2:::::::* cpe:2.3:o:apple:mac_os_x:10.3.1:::::::* cpe:2.3:o:apple:mac_os_x:10.3.0:::::::* cpe:2.3:o:apple:mac_os_x:10.3:::::::* cpe:2.3:o:apple:mac_os_x:10.2.8:::::::* cpe:2.3:o:apple:mac_os_x:10.2.7:::::::* cpe:2.3:o:apple:mac_os_x:10.2.6:::::::* cpe:2.3:o:apple:mac_os_x:10.2.5:::::::* cpe:2.3:o:apple:mac_os_x:10.2.4:::::::* cpe:2.3:o:apple:mac_os_x:10.2.3:::::::* cpe:2.3:o:apple:mac_os_x:10.2.2:::::::* cpe:2.3:o:apple:mac_os_x:10.2.1:::::::* cpe:2.3:o:apple:mac_os_x:10.2.0:::::::* cpe:2.3:o:apple:mac_os_x:10.2:::::::* cpe:2.3:o:apple:mac_os_x:10.1.5:::::::* cpe:2.3:o:apple:mac_os_x:10.1.4:::::::* cpe:2.3:o:apple:mac_os_x:10.1.3:::::::* cpe:2.3:o:apple:mac_os_x:10.1.2:::::::* cpe:2.3:o:apple:mac_os_x:10.1.1:::::::* cpe:2.3:o:apple:mac_os_x:10.1.0:::::::* cpe:2.3:o:apple:mac_os_x:10.1:::::::* cpe:2.3:o:apple:mac_os_x:10.0.4:::::::* cpe:2.3:o:apple:mac_os_x:10.0.3:::::::* cpe:2.3:o:apple:mac_os_x:10.0.2:::::::* cpe:2.3:o:apple:mac_os_x:10.0.1:::::::* cpe:2.3:o:apple:mac_os_x:10.0.0:::::::* cpe:2.3:o:apple:mac_os_x:10.0:::::::* cpe:2.3:o:apple:mac_os_x:::::::: cpe:2.3:o:apple:mac_os_x:-:::::::*	73
Os	Apple Mac Os X Server cpe:2.3:o:apple:mac_os_x_server:10.6.4:::::::* cpe:2.3:o:apple:mac_os_x_server:10.6.3:::::::* cpe:2.3:o:apple:mac_os_x_server:10.6.2:::::::* cpe:2.3:o:apple:mac_os_x_server:10.6.1:::::::* cpe:2.3:o:apple:mac_os_x_server:10.6.0:::::::* cpe:2.3:o:apple:mac_os_x_server:10.6:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5.8:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5.7:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5.6:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5.5:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5.4:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5.3:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5.2:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5.1:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5.0:::::::* cpe:2.3:o:apple:mac_os_x_server:10.5:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.9:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.8:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.7:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.6:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.5:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.4:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.3:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.2:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.11:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.10:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.1:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4.0:::::::* cpe:2.3:o:apple:mac_os_x_server:10.4:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.9:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.8:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.7:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.6:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.5:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.4:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.3:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.2:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.1:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3.0:::::::* cpe:2.3:o:apple:mac_os_x_server:10.3:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2.8:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2.7:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2.6:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2.5:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2.4:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2.3:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2.2:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2.1:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2.0:::::::* cpe:2.3:o:apple:mac_os_x_server:10.2:::::::* cpe:2.3:o:apple:mac_os_x_server:10.1.5:::::::* cpe:2.3:o:apple:mac_os_x_server:10.1.4:::::::* cpe:2.3:o:apple:mac_os_x_server:10.1.3:::::::* cpe:2.3:o:apple:mac_os_x_server:10.1.2:::::::* cpe:2.3:o:apple:mac_os_x_server:10.1.1:::::::* cpe:2.3:o:apple:mac_os_x_server:10.1.0:::::::* cpe:2.3:o:apple:mac_os_x_server:10.1:::::::* cpe:2.3:o:apple:mac_os_x_server:10.0.4:::::::* cpe:2.3:o:apple:mac_os_x_server:10.0.3:::::::* cpe:2.3:o:apple:mac_os_x_server:10.0.2:::::::* cpe:2.3:o:apple:mac_os_x_server:10.0.1:::::::* cpe:2.3:o:apple:mac_os_x_server:10.0.0:::::::* cpe:2.3:o:apple:mac_os_x_server:10.0:::::::* cpe:2.3:o:apple:mac_os_x_server:5.0.3:::::::* cpe:2.3:o:apple:mac_os_x_server:5.0.2:::::::* cpe:2.3:o:apple:mac_os_x_server:5.0.15:::::::* cpe:2.3:o:apple:mac_os_x_server:5.0.14:::::::* cpe:2.3:o:apple:mac_os_x_server::::::::	68
Os	Opensuse cpe:2.3:o:opensuse:opensuse:11.0:::::::*	1
Os	Vmware Esxi cpe:2.3:o:vmware:esxi:4.1:::::::* cpe:2.3:o:vmware:esxi:4.0:::::::*	2

OpenVAS Exploits

Date	Description
2012-08-30	Name : Fedora Update for openldap FEDORA-2012-10000 File : nvt/gb_fedora_2012_10000_openldap_fc17.nasl
2012-08-14	Name : Mandriva Update for openldap MDVSA-2012:130 (openldap) File : nvt/gb_mandriva_MDVSA_2012_130.nasl
2012-08-09	Name : CentOS Update for openldap CESA-2012:1151 centos6 File : nvt/gb_CESA-2012_1151_openldap_centos6.nasl
2012-08-09	Name : RedHat Update for openldap RHSA-2012:1151-01 File : nvt/gb_RHSA-2012_1151-01_openldap.nasl
2012-07-30	Name : CentOS Update for compat-openldap CESA-2011:0346 centos5 x86_64 File : nvt/gb_CESA-2011_0346_compat-openldap_centos5_x86_64.nasl
2012-07-30	Name : CentOS Update for openldap CESA-2012:0899 centos6 File : nvt/gb_CESA-2012_0899_openldap_centos6.nasl
2012-07-19	Name : Fedora Update for openldap FEDORA-2012-10023 File : nvt/gb_fedora_2012_10023_openldap_fc16.nasl
2012-06-22	Name : RedHat Update for openldap RHSA-2012:0899-04 File : nvt/gb_RHSA-2012_0899-04_openldap.nasl
2012-06-06	Name : RedHat Update for openldap RHSA-2011:0347-01 File : nvt/gb_RHSA-2011_0347-01_openldap.nasl
2011-11-18	Name : Ubuntu Update for openldap USN-1266-1 File : nvt/gb_ubuntu_USN_1266_1.nasl
2011-09-27	Name : Fedora Update for openldap FEDORA-2011-3627 File : nvt/gb_fedora_2011_3627_openldap_fc14.nasl
2011-09-07	Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) File : nvt/gb_macosx_su10-007.nasl
2011-08-09	Name : CentOS Update for compat-openldap CESA-2011:0346 centos5 i386 File : nvt/gb_CESA-2011_0346_compat-openldap_centos5_i386.nasl
2011-08-09	Name : CentOS Update for compat-openldap CESA-2010:0542 centos5 i386 File : nvt/gb_CESA-2010_0542_compat-openldap_centos5_i386.nasl
2011-04-01	Name : Mandriva Update for openldap MDVSA-2011:056 (openldap) File : nvt/gb_mandriva_MDVSA_2011_056.nasl
2011-04-01	Name : Ubuntu Update for openldap, openldap2.3 vulnerabilities USN-1100-1 File : nvt/gb_ubuntu_USN_1100_1.nasl
2011-04-01	Name : Mandriva Update for openldap MDVSA-2011:055 (openldap) File : nvt/gb_mandriva_MDVSA_2011_055.nasl
2011-03-15	Name : RedHat Update for openldap RHSA-2011:0346-01 File : nvt/gb_RHSA-2011_0346-01_openldap.nasl
2011-03-05	Name : FreeBSD Ports: openldap-server File : nvt/freebsd_openldap-server2.nasl
2010-11-16	Name : Fedora Update for openldap FEDORA-2010-11319 File : nvt/gb_fedora_2010_11319_openldap_fc12.nasl
2010-08-30	Name : Fedora Update for openldap FEDORA-2010-11343 File : nvt/gb_fedora_2010_11343_openldap_fc13.nasl
2010-08-21	Name : Debian Security Advisory DSA 2077-1 (openldap) File : nvt/deb_2077_1.nasl
2010-08-13	Name : Ubuntu Update for OpenLDAP vulnerabilities USN-965-1 File : nvt/gb_ubuntu_USN_965_1.nasl
2010-07-30	Name : Mandriva Update for openldap MDVSA-2010:142 (openldap) File : nvt/gb_mandriva_MDVSA_2010_142.nasl
2010-07-23	Name : RedHat Update for openldap RHSA-2010:0543-01 File : nvt/gb_RHSA-2010_0543-01_openldap.nasl
2010-07-23	Name : RedHat Update for openldap RHSA-2010:0542-01 File : nvt/gb_RHSA-2010_0542-01_openldap.nasl
2010-07-20	Name : OpenLDAP 'modrdn' Request Multiple Vulnerabilities File : nvt/gb_openldap_41770.nasl
2010-04-06	Name : RedHat Update for openldap RHSA-2010:0198-04 File : nvt/gb_RHSA-2010_0198-04_openldap.nasl
2010-03-05	Name : Fedora Update for openldap FEDORA-2010-0752 File : nvt/gb_fedora_2010_0752_openldap_fc11.nasl
2010-01-29	Name : Mandriva Update for openldap MDVSA-2010:026 (openldap) File : nvt/gb_mandriva_MDVSA_2010_026.nasl
2009-12-10	Name : Debian Security Advisory DSA 1943-1 (openldap openldap2.3) File : nvt/deb_1943_1.nasl
2009-11-17	Name : Ubuntu USN-858-1 (openldap2.2) File : nvt/ubuntu_858_1.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
76632	OpenLDAP Off-by-One UTF8StringNormalize() Function Empty postalAddressAttribu...
72530	OpenLDAP slapd modrdn.c Malformed Relative Distinguished Name (DN) Modificati...
72529	OpenLDAP back-ndb bind.cpp root Distinguished Name (DN) Arbitrary Password Au...
72528	OpenLDAP back-ldap chain.c Slave Server Invalid Password External-program Aut...
66470	OpenLDAP servers/slapd/modrdn.c modrdn Request rdn String Memory Corruption
66469	OpenLDAP servers/slapd/schema_init.c modrdn Request rdn String NULL Dereferen...
59268	OpenLDAP libraries/libldap/tls_o.c Certificate Authority (CA) Common Name Nul...

Snort® IPS/IDS

Date	Description
2014-01-10	OpenLDAP Modrdn RDN NULL string denial of service attempt RuleID : 18807 - Revision : 10 - Type : SERVER-OTHER
2014-01-10	OpenLDAP Modrdn utf-8 string code execution attempt RuleID : 18804 - Revision : 11 - Type : SERVER-WEBAPP

Nessus® Vulnerability Scanner

Date	Description
2016-06-22	Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2016-0069.nasl - Type : ACT_GATHER_INFO
2016-03-08	Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0015_remote.nasl - Type : ACT_GATHER_INFO
2016-03-04	Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2011-0001_remote.nasl - Type : ACT_GATHER_INFO
2015-05-27	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2622-1.nasl - Type : ACT_GATHER_INFO
2015-04-20	Name : The remote Debian host is missing a security update. File : debian_DLA-203.nasl - Type : ACT_GATHER_INFO
2014-11-17	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-0439.nasl - Type : ACT_GATHER_INFO
2014-11-17	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0622.nasl - Type : ACT_GATHER_INFO
2014-11-17	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0476.nasl - Type : ACT_GATHER_INFO
2014-11-08	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2012-1200.nasl - Type : ACT_GATHER_INFO
2014-07-01	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201406-36.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_4_openldap2-110304.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_3_openldap2-110303.nasl - Type : ACT_GATHER_INFO
2014-04-16	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_abad20bfc1b411e3a5ac001b21614864.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-117.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-101.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0542.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1151.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0899.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0347.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0346.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0543.nasl - Type : ACT_GATHER_INFO
2012-09-06	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-130.nasl - Type : ACT_GATHER_INFO
2012-08-10	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1151.nasl - Type : ACT_GATHER_INFO
2012-08-09	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120808_openldap_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-09	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1151.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110310_openldap_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110310_openldap_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120620_openldap_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100720_openldap_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100330_openldap_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-07-18	Name : The remote Fedora host is missing a security update. File : fedora_2012-10023.nasl - Type : ACT_GATHER_INFO
2012-07-18	Name : The remote Fedora host is missing a security update. File : fedora_2012-10000.nasl - Type : ACT_GATHER_INFO
2012-07-11	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0899.nasl - Type : ACT_GATHER_INFO
2012-06-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0899.nasl - Type : ACT_GATHER_INFO
2011-11-18	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1266-1.nasl - Type : ACT_GATHER_INFO
2011-09-26	Name : The remote Fedora host is missing a security update. File : fedora_2011-3627.nasl - Type : ACT_GATHER_INFO
2011-05-05	Name : The remote openSUSE host is missing a security update. File : suse_11_2_openldap2-110303.nasl - Type : ACT_GATHER_INFO
2011-04-22	Name : The remote Fedora host is missing a security update. File : fedora_2011-3612.nasl - Type : ACT_GATHER_INFO
2011-04-19	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_compat-libldap-2_3-0-110303.nasl - Type : ACT_GATHER_INFO
2011-04-15	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0346.nasl - Type : ACT_GATHER_INFO
2011-04-01	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1100-1.nasl - Type : ACT_GATHER_INFO
2011-03-31	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-056.nasl - Type : ACT_GATHER_INFO
2011-03-31	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-055.nasl - Type : ACT_GATHER_INFO
2011-03-11	Name : The remote host is missing the patch for the advisory RHSA-2011-0347 File : redhat-RHSA-2011-0347.nasl - Type : ACT_GATHER_INFO
2011-03-11	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0346.nasl - Type : ACT_GATHER_INFO
2011-01-21	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libldap-2_4-2-100616.nasl - Type : ACT_GATHER_INFO
2011-01-06	Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2011-0001.nasl - Type : ACT_GATHER_INFO
2010-12-02	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libldap-2_4-2-100615.nasl - Type : ACT_GATHER_INFO
2010-11-10	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_5.nasl - Type : ACT_GATHER_INFO
2010-11-01	Name : The remote Fedora host is missing a security update. File : fedora_2010-11319.nasl - Type : ACT_GATHER_INFO
2010-10-11	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openldap2-7074.nasl - Type : ACT_GATHER_INFO
2010-10-04	Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2010-0015.nasl - Type : ACT_GATHER_INFO
2010-08-26	Name : The remote openSUSE host is missing a security update. File : suse_11_2_libldap-2_4-2-100707.nasl - Type : ACT_GATHER_INFO
2010-08-26	Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12624.nasl - Type : ACT_GATHER_INFO
2010-08-26	Name : The remote openSUSE host is missing a security update. File : suse_11_1_libldap-2_4-2-100707.nasl - Type : ACT_GATHER_INFO
2010-08-24	Name : The remote Fedora host is missing a security update. File : fedora_2010-11343.nasl - Type : ACT_GATHER_INFO
2010-08-10	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-965-1.nasl - Type : ACT_GATHER_INFO
2010-08-03	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2077.nasl - Type : ACT_GATHER_INFO
2010-07-30	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-142.nasl - Type : ACT_GATHER_INFO
2010-07-28	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0542.nasl - Type : ACT_GATHER_INFO
2010-07-28	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0543.nasl - Type : ACT_GATHER_INFO
2010-07-26	Name : The remote openSUSE host is missing a security update. File : suse_11_0_openldap2-100712.nasl - Type : ACT_GATHER_INFO
2010-07-22	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0543.nasl - Type : ACT_GATHER_INFO
2010-07-22	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0542.nasl - Type : ACT_GATHER_INFO
2010-07-01	Name : The remote Fedora host is missing a security update. File : fedora_2010-0752.nasl - Type : ACT_GATHER_INFO
2010-05-11	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0198.nasl - Type : ACT_GATHER_INFO
2010-02-24	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1943.nasl - Type : ACT_GATHER_INFO
2010-01-27	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-026.nasl - Type : ACT_GATHER_INFO
2009-11-13	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-858-1.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-07-02 13:25:55	Multiple Updates
2014-07-01 05:23:09	First insertion

Global Informations

Type	Count
CWE ID(s)	9
Oval ID(s)	29
CPE ID(s)	338
osvdb(s)	7
Openvas Exploit(s)	32
Snort® Rule(s)	2
Nessus® Exploit(s)	69

	Related
9.8	CVE-2010-0211
6.8	CVE-2011-1025
5	CVE-2011-1081
5	CVE-2010-0212
4.6	CVE-2011-1024
4.3	CVE-2012-2668
4.3	CVE-2009-3767
4	CVE-2011-4079
2.6	CVE-2012-1164
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 9 more Alert(s)