Oval Definition:	oval:org.mitre.oval:def:22531
Revision Date: 2014-07-07 Version: 14 Title: RHSA-2014:0126: openldap security and bug fix update (Moderate) Description: The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search. Family: unix Class: patch Status: ACCEPTED Reference(s): CESA-2014:0126 CVE-2013-4449 RHSA-2014:0126-00 Platform(s): CentOS Linux 6 Red Hat Enterprise Linux 6 Product(s): openldap Definition Synopsis Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 OR The operating system installed on the system is CentOS Linux 6.x AND Packages section openldap-servers is earlier than 0:2.4.23-34.el6_5.1 OR openldap-servers-sql is earlier than 0:2.4.23-34.el6_5.1 OR openldap is earlier than 0:2.4.23-34.el6_5.1 OR openldap-clients is earlier than 0:2.4.23-34.el6_5.1 OR openldap-devel is earlier than 0:2.4.23-34.el6_5.1
BACK