CVE-2006-4600 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-4600
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-4600

Description: slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN).

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/28772 TRUSTIX http://www.trustix.org/errata/2006/0055 ST 1016783 SGI SAID Secunia Advisory: SA22219 Secunia Advisory: SA22273 Secunia Advisory: SA21721 Secunia Advisory: SA25098 Secunia Advisory: SA25628 Secunia Advisory: SA25676 Secunia Advisory: SA22300 Secunia Advisory: SA25894 Secunia Advisory: SA26909 Secunia Advisory: SA27706 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0430.html http://www.redhat.com/support/errata/RHSA-2007-0310.html MLIST http://www.openldap.org/lists/openldap-announce/200608/msg00000.html MISC http://www.openldap.org/its/index.cgi/Software%20Bugs?id=4587 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2006:171 GENTOO http://security.gentoo.org/glsa/glsa-200711-23.xml FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-232.htm http://www.openldap.org/software/release/changes.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/447395/100/200/threaded BID 19832

Return to the previous page.