Oval Definition:	oval:org.mitre.oval:def:23088
Revision Date: 2014-05-26 Version: 13 Title: ELSA-2011:0346: openldap security and bug fix update (Moderate) Description: chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2011-1024 ELSA-2011:0346-01 Platform(s): Oracle Linux 5 Product(s): openldap Definition Synopsis Oracle Linux 5.x AND rpm test openldap-devel is earlier than 0:2.3.43-12.el5_6.7 OR openldap-clients is earlier than 0:2.3.43-12.el5_6.7 OR openldap-servers-sql is earlier than 0:2.3.43-12.el5_6.7 OR compat-openldap is earlier than 0:2.3.43_2.2.29-12.el5_6.7 OR openldap is earlier than 0:2.3.43-12.el5_6.7 OR openldap-servers is earlier than 0:2.3.43-12.el5_6.7 OR openldap-servers-overlays is earlier than 0:2.3.43-12.el5_6.7
BACK