Oval Definition:oval:com.redhat.rhsa:def:20071038
Revision Date:2007-11-15Version:636
Title:RHSA-2007:1038: openldap security and enhancement update (Moderate)
Description:OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools.

  • A flaw was found in the way OpenLDAP's slapd daemon handled malformed objectClasses LDAP attributes. An authenticated local or remote attacker could create an LDAP request which could cause a denial of service by crashing slapd. (CVE-2007-5707)

    In addition, the following feature was added:
  • OpenLDAP client tools now have new option to configure their bind timeout.

    All users are advised to upgrade to these updated openldap packages, which contain a backported patch to correct this issue and provide this security enhancement.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2007-5707
    RHSA-2007:1038
    RHSA-2007:1038-01
    RHSA-2007:1038-01
    Platform(s):Red Hat Enterprise Linux 4
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • compat-openldap is earlier than 0:2.1.30-8.el4_6.1
  • AND compat-openldap is signed with Red Hat redhatrelease2 key
  • openldap is earlier than 0:2.2.13-8.el4_6.1
  • AND openldap is signed with Red Hat redhatrelease2 key
  • openldap-clients is earlier than 0:2.2.13-8.el4_6.1
  • AND openldap-clients is signed with Red Hat redhatrelease2 key
  • openldap-devel is earlier than 0:2.2.13-8.el4_6.1
  • AND openldap-devel is signed with Red Hat redhatrelease2 key
  • openldap-servers is earlier than 0:2.2.13-8.el4_6.1
  • AND openldap-servers is signed with Red Hat redhatrelease2 key
  • openldap-servers-sql is earlier than 0:2.2.13-8.el4_6.1
  • AND openldap-servers-sql is signed with Red Hat redhatrelease2 key
    • BACK