Debian update for openldap2.3

Secunia Advisory: SA29682  
Release Date: 2008-04-09

Critical: Less critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch

OS:
Debian GNU/Linux 4.0
Debian GNU/Linux unstable alias sid

CVE reference:
CVE-2007-5707
CVE-2007-5708
CVE-2007-6698
CVE-2008-0658

Description:
Debian has issued an update for openldap2.3. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service).

For more information:
SA27424
SA28926

Solution:
Apply updated packages.

-- Debian 4.0 (stable) --

Source archives:

http://security.debian.org/pool/updat....3/openldap2.3_2.3.30-5+etch1.diff.gz
Size/MD5 checksum: 311352 ab5ecd0da4ad32f39ca8ca34e97aea8e
http://security.debian.org/pool/updat...dap2.3/openldap2.3_2.3.30.orig.tar.gz
Size/MD5 checksum: 2971126 c40bcc23fa65908b8d7a86a4a6061251
http://security.debian.org/pool/updat...dap2.3/openldap2.3_2.3.30-5+etch1.dsc
Size/MD5 checksum: 1205 64cd8bb9897af0062fd15e9b0fb8e32e

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updat...3/ldap-utils_2.3.30-5+etch1_alpha.deb
Size/MD5 checksum: 193978 6e4e9f9c7f0936cb8d023bf2402af42e
http://security.debian.org/pool/updat...ibldap-2.3-0_2.3.30-5+etch1_alpha.deb
Size/MD5 checksum: 293070 35576398d8f2d5618bace89bbec87870
http://security.debian.org/pool/updat...dap2.3/slapd_2.3.30-5+etch1_alpha.deb
Size/MD5 checksum: 1283688 a2eaf28c1c1285753e71122c5561e39f

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updat...3/ldap-utils_2.3.30-5+etch1_amd64.deb
Size/MD5 checksum: 184540 6bc131c285864c654d28e90fd06000ee
http://security.debian.org/pool/updat...ibldap-2.3-0_2.3.30-5+etch1_amd64.deb
Size/MD5 checksum: 285256 995b228196a6ce2ccf5bcfa6521244c5
http://security.debian.org/pool/updat...dap2.3/slapd_2.3.30-5+etch1_amd64.deb
Size/MD5 checksum: 1244474 3b455c3a4f221bfb82dd6f70dd5f851a

arm architecture (ARM)

http://security.debian.org/pool/updat...nldap2.3/slapd_2.3.30-5+etch1_arm.deb
Size/MD5 checksum: 1188898 956eeea9cc2bd6e5e4e50145d05dd39e
http://security.debian.org/pool/updat...2.3/ldap-utils_2.3.30-5+etch1_arm.deb
Size/MD5 checksum: 141956 d9b143c4304ca81db461be2bdf30221c
http://security.debian.org/pool/updat.../libldap-2.3-0_2.3.30-5+etch1_arm.deb
Size/MD5 checksum: 254604 6b2744212645932232f285547c3465a0

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updat...ldap2.3/slapd_2.3.30-5+etch1_hppa.deb
Size/MD5 checksum: 1306308 287335a1821aefc8efb102d6982aff98
http://security.debian.org/pool/updat...libldap-2.3-0_2.3.30-5+etch1_hppa.deb
Size/MD5 checksum: 292048 4a4f3ef5fbbe1e8793bf1cd797e7b028
http://security.debian.org/pool/updat....3/ldap-utils_2.3.30-5+etch1_hppa.deb
Size/MD5 checksum: 180756 691a106d02d195b991b235515d0d174c

i386 architecture (Intel ia32)

http://security.debian.org/pool/updat...libldap-2.3-0_2.3.30-5+etch1_i386.deb
Size/MD5 checksum: 265946 e88fc90218b13aebb2a1578901a69824
http://security.debian.org/pool/updat...ldap2.3/slapd_2.3.30-5+etch1_i386.deb
Size/MD5 checksum: 1174252 903a34a92df100585dba3e0ec0f25987
http://security.debian.org/pool/updat....3/ldap-utils_2.3.30-5+etch1_i386.deb
Size/MD5 checksum: 154126 80588200bcbc4f6b8e3c60983eae4780

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updat...libldap-2.3-0_2.3.30-5+etch1_ia64.deb
Size/MD5 checksum: 379540 9487d1a5a9a03c4654b7a361d4c67753
http://security.debian.org/pool/updat...ldap2.3/slapd_2.3.30-5+etch1_ia64.deb
Size/MD5 checksum: 1660796 6df92fd96886f3316f26f89f2da0eb96
http://security.debian.org/pool/updat....3/ldap-utils_2.3.30-5+etch1_ia64.deb
Size/MD5 checksum: 239118 9ae940f8df656d2f233acefd0b2274bf

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updat....3/ldap-utils_2.3.30-5+etch1_mips.deb
Size/MD5 checksum: 185506 8a1ab4fc883116059b529ffa00a8c346
http://security.debian.org/pool/updat...ldap2.3/slapd_2.3.30-5+etch1_mips.deb
Size/MD5 checksum: 1205680 431589f3aad740adde1dc121edfc2f0b
http://security.debian.org/pool/updat...libldap-2.3-0_2.3.30-5+etch1_mips.deb
Size/MD5 checksum: 257964 10ae6c9739e5ec1cce436e82572d3086

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updat...ap2.3/slapd_2.3.30-5+etch1_mipsel.deb
Size/MD5 checksum: 1188188 eb29253ae4008e5e74135b9b03fda111
http://security.debian.org/pool/updat...bldap-2.3-0_2.3.30-5+etch1_mipsel.deb
Size/MD5 checksum: 258576 83b99052b2853cd94b665ae621d3b66f
http://security.debian.org/pool/updat.../ldap-utils_2.3.30-5+etch1_mipsel.deb
Size/MD5 checksum: 186780 316031a466a6e221789ee246c2fe96c6

powerpc architecture (PowerPC)

http://security.debian.org/pool/updat...ldap-2.3-0_2.3.30-5+etch1_powerpc.deb
Size/MD5 checksum: 272220 f8cb7024f7e5e00b94ff8d638cddb18d
http://security.debian.org/pool/updat...ldap-utils_2.3.30-5+etch1_powerpc.deb
Size/MD5 checksum: 188744 7bd626905a9443950a1cab4df28a4a59
http://security.debian.org/pool/updat...p2.3/slapd_2.3.30-5+etch1_powerpc.deb
Size/MD5 checksum: 1243640 6faf3ce99497a3e8d793eea3c0d0aca2

s390 architecture (IBM S/390)

http://security.debian.org/pool/updat...ldap2.3/slapd_2.3.30-5+etch1_s390.deb
Size/MD5 checksum: 1240862 ccf0e13f6dc5756dc84d524cb9a033dd
http://security.debian.org/pool/updat...libldap-2.3-0_2.3.30-5+etch1_s390.deb
Size/MD5 checksum: 291452 33deedd35ad575833f7227047b644fae
http://security.debian.org/pool/updat....3/ldap-utils_2.3.30-5+etch1_s390.deb
Size/MD5 checksum: 168348 4fa52da0e0d54466a804c40306ae9f83

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updat...dap2.3/slapd_2.3.30-5+etch1_sparc.deb
Size/MD5 checksum: 1167532 392f3e996130e2fa64c0005218d776e0
http://security.debian.org/pool/updat...ibldap-2.3-0_2.3.30-5+etch1_sparc.deb
Size/MD5 checksum: 256800 32585d0c8d9996050f74caf021af6f73
http://security.debian.org/pool/updat...3/ldap-utils_2.3.30-5+etch1_sparc.deb
Size/MD5 checksum: 154976 a083feee801f6c843b6509df9b6307b3

-- Debian GNU/Linux unstable alias sid --

Fixed in version 2.4.7-6.1.

Original Advisory:
http://lists.debian.org/debian-security-announce/2008/msg00111.html

Other References:
SA27424:
http://secunia.com/advisories/27424/

SA28926:
http://secunia.com/advisories/28926/



Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
