Debian Security Advisory
DSA-068-1 openldap -- remote DoS
- Date Reported:
- 09 Aug 2001
- Affected Packages:
- openldap
- Vulnerable:
- Yes
- Security database references:
- In the Bugtraq database (at SecurityFocus): BugTraq ID 3049.
In Mitre's CVE dictionary: CVE-2001-0977.
CERT's vulnerabilities, advisories and incident notes: CA-2001-18. - More information:
-
The CERT advisory lists a number of vulnerabilities in various
LDAP implementations, based on the
results of the PROTOS LDAPv3 test suite. These tests found one
problem in OpenLDAP, a free LDAP implementation which is shipped
as part of Debian GNU/Linux 2.2.
The problem is that
slapd
did not handle packets which had BER fields of invalid length and would crash if it received them. An attacker could use this to mount a remote denial of service attack.This problem has been fixed in version 1.2.12-1, and we recommend that you upgrade your
slapd
package immediately. - Fixed in:
-
Debian GNU/Linux 2.2 (potato)
- Source:
- http://security.debian.org/dists/stable/updates/main/source/openldap_1.2.12-1.dsc
- http://security.debian.org/dists/stable/updates/main/source/openldap_1.2.12-1.tar.gz
- http://security.debian.org/dists/stable/updates/main/source/openldap_1.2.12-1.tar.gz
- Architecture-independent component:
- http://security.debian.org/dists/stable/updates/main/binary-all/ldap-rfc_1.2.12-1_all.deb
- http://security.debian.org/dists/stable/updates/main/binary-all/libopenldap-runtime_1.2.12-1_all.deb
- http://security.debian.org/dists/stable/updates/main/binary-all/libopenldap-runtime_1.2.12-1_all.deb
- ARM:
- http://security.debian.org/dists/stable/updates/main/binary-arm/libopenldap-dev_1.2.12-1_arm.deb
- http://security.debian.org/dists/stable/updates/main/binary-arm/libopenldap1_1.2.12-1_arm.deb
- http://security.debian.org/dists/stable/updates/main/binary-arm/openldap-gateways_1.2.12-1_arm.deb
- http://security.debian.org/dists/stable/updates/main/binary-arm/openldap-utils_1.2.12-1_arm.deb
- http://security.debian.org/dists/stable/updates/main/binary-arm/openldapd_1.2.12-1_arm.deb
- http://security.debian.org/dists/stable/updates/main/binary-arm/libopenldap1_1.2.12-1_arm.deb
- Alpha:
- http://security.debian.org/dists/stable/updates/main/binary-alpha/libopenldap-dev_1.2.12-1_alpha.deb
- http://security.debian.org/dists/stable/updates/main/binary-alpha/libopenldap1_1.2.12-1_alpha.deb
- http://security.debian.org/dists/stable/updates/main/binary-alpha/openldap-gateways_1.2.12-1_alpha.deb
- http://security.debian.org/dists/stable/updates/main/binary-alpha/openldap-utils_1.2.12-1_alpha.deb
- http://security.debian.org/dists/stable/updates/main/binary-alpha/openldapd_1.2.12-1_alpha.deb
- http://security.debian.org/dists/stable/updates/main/binary-alpha/libopenldap1_1.2.12-1_alpha.deb
- Intel IA-32:
- http://security.debian.org/dists/stable/updates/main/binary-i386/libopenldap-dev_1.2.12-1_i386.deb
- http://security.debian.org/dists/stable/updates/main/binary-i386/libopenldap1_1.2.12-1_i386.deb
- http://security.debian.org/dists/stable/updates/main/binary-i386/openldap-gateways_1.2.12-1_i386.deb
- http://security.debian.org/dists/stable/updates/main/binary-i386/openldap-utils_1.2.12-1_i386.deb
- http://security.debian.org/dists/stable/updates/main/binary-i386/openldapd_1.2.12-1_i386.deb
- http://security.debian.org/dists/stable/updates/main/binary-i386/libopenldap1_1.2.12-1_i386.deb
- Motorola 680x0:
- http://security.debian.org/dists/stable/updates/main/binary-m68k/libopenldap-dev_1.2.12-1_m68k.deb
- http://security.debian.org/dists/stable/updates/main/binary-m68k/libopenldap1_1.2.12-1_m68k.deb
- http://security.debian.org/dists/stable/updates/main/binary-m68k/openldap-gateways_1.2.12-1_m68k.deb
- http://security.debian.org/dists/stable/updates/main/binary-m68k/openldap-utils_1.2.12-1_m68k.deb
- http://security.debian.org/dists/stable/updates/main/binary-m68k/openldapd_1.2.12-1_m68k.deb
- http://security.debian.org/dists/stable/updates/main/binary-m68k/libopenldap1_1.2.12-1_m68k.deb
- PowerPC:
- http://security.debian.org/dists/stable/updates/main/binary-powerpc/libopenldap-dev_1.2.12-1_powerpc.deb
- http://security.debian.org/dists/stable/updates/main/binary-powerpc/libopenldap1_1.2.12-1_powerpc.deb
- http://security.debian.org/dists/stable/updates/main/binary-powerpc/openldap-gateways_1.2.12-1_powerpc.deb
- http://security.debian.org/dists/stable/updates/main/binary-powerpc/openldap-utils_1.2.12-1_powerpc.deb
- http://security.debian.org/dists/stable/updates/main/binary-powerpc/openldapd_1.2.12-1_powerpc.deb
- http://security.debian.org/dists/stable/updates/main/binary-powerpc/libopenldap1_1.2.12-1_powerpc.deb
- Sun Sparc:
- http://security.debian.org/dists/stable/updates/main/binary-sparc/libopenldap-dev_1.2.12-1_sparc.deb
- http://security.debian.org/dists/stable/updates/main/binary-sparc/libopenldap1_1.2.12-1_sparc.deb
- http://security.debian.org/dists/stable/updates/main/binary-sparc/openldap-gateways_1.2.12-1_sparc.deb
- http://security.debian.org/dists/stable/updates/main/binary-sparc/openldap-utils_1.2.12-1_sparc.deb
- http://security.debian.org/dists/stable/updates/main/binary-sparc/openldapd_1.2.12-1_sparc.deb
- http://security.debian.org/dists/stable/updates/main/binary-sparc/libopenldap1_1.2.12-1_sparc.deb
MD5 checksums of the listed files are available in the original advisory.