Oval Definition:	oval:org.mitre.oval:def:24327
Revision Date: 2014-07-07 Version: 13 Title: RHSA-2014:0206: openldap security update (Moderate) Description: The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search. Family: unix Class: patch Status: ACCEPTED Reference(s): CESA-2014:0206 CVE-2013-4449 RHSA-2014:0206-00 Platform(s): CentOS Linux 5 Red Hat Enterprise Linux 5 Product(s): openldap Definition Synopsis Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 OR The operating system installed on the system is CentOS Linux 5.x AND Packages section openldap-devel is earlier than 0:2.3.43-27.el5_10 OR openldap-servers-sql is earlier than 0:2.3.43-27.el5_10 OR openldap-clients is earlier than 0:2.3.43-27.el5_10 OR openldap-servers is earlier than 0:2.3.43-27.el5_10 OR openldap-servers-overlays is earlier than 0:2.3.43-27.el5_10 OR compat-openldap is earlier than 0:2.3.43_2.2.29-27.el5_10 OR openldap is earlier than 0:2.3.43-27.el5_10
BACK