Ubuntu: 1100-1: OpenLDAP vulnerabilities
Posted by Benjamin D. Thomas   
It was discovered that OpenLDAP did not properly check forwarded authentication failures when using a slave server and chain overlay. If OpenLDAP were configured in this manner, an attacker could bypass authentication checks by sending an invalid password to a slave server. (CVE-2011-1024)
Ubuntu Security Notice USN-1100-1            March 31, 2011
openldap, openldap2.3 vulnerabilities
CVE-2011-1024, CVE-2011-1025, CVE-2011-1081

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubuntu 9.10
Ubuntu 10.04 LTS
Ubuntu 10.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
  slapd                           2.4.9-0ubuntu0.8.04.5

Ubuntu 9.10:
  slapd                           2.4.18-0ubuntu1.2

Ubuntu 10.04 LTS:
  slapd                           2.4.21-0ubuntu5.4

Ubuntu 10.10:
  slapd                           2.4.23-0ubuntu3.5

In general, a standard system update will make all the necessary changes.

Details follow:

It was discovered that OpenLDAP did not properly check forwarded
authentication failures when using a slave server and chain overlay. If
OpenLDAP were configured in this manner, an attacker could bypass
authentication checks by sending an invalid password to a slave server.

It was discovered that OpenLDAP did not properly perform authentication
checks to the rootdn when using the back-ndb backend. An attacker could
exploit this to access the directory by sending an arbitrary password.
Ubuntu does not ship OpenLDAP with back-ndb support by default. This issue
did not affect Ubuntu 8.04 LTS. (CVE-2011-1025)

It was discovered that OpenLDAP did not properly validate modrdn requests.
An unauthenticated remote user could use this to cause a denial of service
via application crash. (CVE-2011-1081)
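
Two of the three issues depend on how slapd is configured, so an unpatched host can be triaged by checking its configuration for the chain overlay and the back-ndb backend. The following is an added example, not code from the advisory or from OpenLDAP: it assumes the features are enabled through `overlay chain` / `database ndb` in slapd.conf or `olcOverlay` / `olcDatabase` in cn=config LDIF, and the function names and sample configurations are constructed for illustration.

```python
import re

# (directive, type) pairs that enable the configurations named in the advisory.
FEATURE_CVE = {("overlay", "chain"): "CVE-2011-1024",
               ("database", "ndb"): "CVE-2011-1025"}
SLAPD_CONF = re.compile(r"(overlay|database)\s+(\w+)", re.I)
CN_CONFIG = re.compile(r"olc(Overlay|Database):\s*(?:\{-?\d+\})?(\w+)", re.I)

def features_in_use(config_text):
    # Return the advisory-relevant (directive, type) pairs found in a config.
    ldif = re.search(r"(?m)^dn:", config_text) is not None
    logical = []
    for raw in config_text.splitlines():
        if raw.startswith("#"):
            continue                      # comment line in either format
        if raw[:1] in (" ", "\t") and logical:
            # Continuation: LDIF drops the one folding space, slapd.conf keeps it.
            logical[-1] += raw[1:] if ldif else raw
        else:
            logical.append(raw)
    pattern = CN_CONFIG if ldif else SLAPD_CONF
    matches = (pattern.match(line) for line in logical)
    keys = {(m.group(1).lower(), m.group(2).lower()) for m in matches if m}
    return keys & set(FEATURE_CVE)

def exposed_cves(release, config_text):
    # CVEs from this advisory that apply to an unpatched slapd with this config.
    # CVE-2011-1081 is always included: the advisory states no precondition.
    cves = {"CVE-2011-1081"} | {FEATURE_CVE[f] for f in features_in_use(config_text)}
    if release == "8.04":
        cves.discard("CVE-2011-1025")     # advisory: 8.04 LTS not affected
    return sorted(cves)

# Constructed sample configurations (not taken from any real host).
SAMPLE_CONF = """\
# overlay chain   (commented out, must not match)
database bdb
overlay
    chain
"""
SAMPLE_LDIF = """\
dn: olcDatabase={1}ndb,cn=config
olcDatabase: {1}ndb

dn: olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config
olcOverlay: {0}ch
 ain
"""
```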
