exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 1 of 1 RSS Feed

Files

Ubuntu Security Notice 965-1
Posted Aug 12, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 965-1 - Using the Codenomicon LDAPv3 test suite, Ilkka Mattila and Tuomas Salomaki discovered that the slap_modrdn2mods function in modrdn.c in OpenLDAP does not check the return value from a call to the smr_normalize function. A remote attacker could use specially crafted modrdn requests to crash the slapd daemon or possibly execute arbitrary code. Using the Codenomicon LDAPv3 test suite, Ilkka Mattila and Tuomas Salomaki discovered that OpenLDAP does not properly handle empty RDN strings. A remote attacker could use specially crafted modrdn requests to crash the slapd daemon. In the default installation under Ubuntu 8.04 LTS and later, attackers would be isolated by the OpenLDAP AppArmor profile for the slapd daemon.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-0211, CVE-2010-0212
SHA-256 | 3ca13ddfe2e88809d4d45a5479af662f44cb198db14ce2072fe0867f6ded3b2e
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close