Debian users, please be advised that a vulnerability has been identified and is covered by the Debian Security advisory "New openldap packages fix potential code execution".
To view this vulnerability, possible remedies, and others, please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx).
Amplify’d from www.criticalwatch.com
DSA 2077-1 - New openldap packages fix potential code execution
Debian Security
Two remote vulnerabilities have been discovered in OpenLDAP. The
Common Vulnerabilities and Exposures project identifies the following
problems:
CVE-2010-0211
The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does
not check the return value of a call to the smr_normalize
function, which allows remote attackers to cause a denial of
service (segmentation fault) and possibly execute arbitrary code
via a modrdn call with an RDN string containing invalid UTF-8
sequences.
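
The bug class described in CVE-2010-0211, shown as an added C example that is not OpenLDAP's code: a normalizer that fails on invalid UTF-8 without setting its output, and a caller that checks the return value before touching that output. The names `utf8_valid`, `normalize_rdn` and `rename_entry` are hypothetical and chosen for illustration only.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Strict UTF-8 check: rejects bad lead bytes, truncated or overlong
   sequences, surrogates and code points above U+10FFFF. */
static int utf8_valid(const unsigned char *s, size_t n) {
    size_t i = 0;
    while (i < n) {
        unsigned char c = s[i];
        size_t need; unsigned long cp;
        if (c < 0x80) { i++; continue; }
        if ((c & 0xE0) == 0xC0) { need = 1; cp = c & 0x1F; }
        else if ((c & 0xF0) == 0xE0) { need = 2; cp = c & 0x0F; }
        else if ((c & 0xF8) == 0xF0) { need = 3; cp = c & 0x07; }
        else return 0;               /* stray continuation or invalid lead */
        if (n - i <= need) return 0; /* sequence cut off by end of string */
        for (size_t k = 1; k <= need; k++) {
            if ((s[i + k] & 0xC0) != 0x80) return 0;
            cp = (cp << 6) | (s[i + k] & 0x3F);
        }
        if ((need == 1 && cp < 0x80) || (need == 2 && cp < 0x800) ||
            (need == 3 && cp < 0x10000) || cp > 0x10FFFF ||
            (cp >= 0xD800 && cp <= 0xDFFF)) return 0;
        i += need + 1;
    }
    return 1;
}

/* Hypothetical normalizer: returns 0 and sets *out to a heap copy on
   success; returns -1 and leaves *out untouched on invalid input. */
int normalize_rdn(const char *in, char **out) {
    size_t n = strlen(in);
    if (!utf8_valid((const unsigned char *)in, n)) return -1;
    *out = malloc(n + 1);
    if (*out == NULL) return -1;
    memcpy(*out, in, n + 1);
    return 0;
}

/* Caller that honours the return value: normalized length, or -1.
   Without the check, strlen()/free() would run on an unset pointer. */
long rename_entry(const char *new_rdn) {
    char *norm = NULL;
    if (normalize_rdn(new_rdn, &norm) != 0)
        return -1;                   /* reject the request; norm never set */
    long len = (long)strlen(norm);
    free(norm);
    return len;
}
```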