OpenLDAP Multiple Remote Denial of Service Vulnerabilities
BID:26245
Info
| Bugtraq ID: | 26245 |
| Class: | Unknown |
| CVE: | CVE-2007-5707 CVE-2007-5708 CVE-2007-6698 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 29 2007 12:00AM |
| Updated: | Nov 12 2009 06:56PM |
| Credit: | Tony Blake, Thomas Sesselmann, and Jonathan Clarke discovered these issues. |
| Vulnerable: | Ubuntu Ubuntu Linux 7.10 sparc Ubuntu Ubuntu Linux 7.10 powerpc Ubuntu Ubuntu Linux 7.10 i386 Ubuntu Ubuntu Linux 7.10 amd64 Ubuntu Ubuntu Linux 7.04 sparc Ubuntu Ubuntu Linux 7.04 powerpc Ubuntu Ubuntu Linux 7.04 i386 Ubuntu Ubuntu Linux 7.04 amd64 Ubuntu Ubuntu Linux 6.10 sparc Ubuntu Ubuntu Linux 6.10 powerpc Ubuntu Ubuntu Linux 6.10 i386 Ubuntu Ubuntu Linux 6.10 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 Turbolinux Turbolinux Server 10.0 x86 Turbolinux Turbolinux Server 11 x64 Turbolinux Turbolinux Server 11 Turbolinux Turbolinux Server 10.0.0 x64 Turbolinux Client 2008 Turbolinux Appliance Server 3.0 x64 Turbolinux Appliance Server 3.0 Turbolinux Appliance Server 2.0 SuSE SUSE Linux Enterprise Server 8 SuSE SUSE Linux Enterprise Server 10 SP1 SuSE SUSE Linux Enterprise Server 10 SuSE SUSE Linux Enterprise SDK 9 SuSE SUSE Linux Enterprise SDK 10.SP1 SuSE SUSE Linux Enterprise SDK 10 SP1 SuSE SUSE Linux Enterprise SDK 10 SuSE Suse Linux Enterprise Desktop 10 SP1 SuSE Suse Linux Enterprise Desktop 10 SuSE SUSE Linux Enterprise 10 SP1 DEBUGINFO SuSE Linux Enterprise Server 9-SP3 SuSE Linux Enterprise Server 9 SuSE Linux Enterprise Server 10.SP1 SuSE Linux Enterprise Server 10 SuSE Linux Desktop 10 SuSE Linux 10.1 x86-64 SuSE Linux 10.1 x86 SuSE Linux 10.1 ppc SuSE Linux 10.0 x86-64 SuSE Linux 10.0 x86 SuSE Linux 10.0 ppc S.u.S.E. UnitedLinux 1.0 S.u.S.E. SuSE Linux School Server for i386 S.u.S.E. SUSE LINUX Retail Solution 8.0 S.u.S.E. SuSE Linux Openexchange Server 4.0 S.u.S.E. openSUSE 10.3 S.u.S.E. openSUSE 10.2 S.u.S.E. Open-Enterprise-Server 0 S.u.S.E. Novell Linux POS 9 S.u.S.E. Novell Linux Desktop SDK 9.0 S.u.S.E. Novell Linux Desktop 9.0 S.u.S.E. Novell Linux Desktop 9 S.u.S.E. Linux Professional 10.2 X86 64 S.u.S.E. Linux Professional 10.2 S.u.S.E. Linux Personal 10.2 X86 64 S.u.S.E. Linux Personal 10.2 rPath rPath Linux 1 rPath Appliance Platform Linux Service 1 Redhat Fedora Core6 Redhat Enterprise Linux WS 4 Redhat Enterprise Linux ES 4 Redhat Enterprise Linux Desktop Workstation 5 client Redhat Enterprise Linux Desktop 5 client Redhat Enterprise Linux AS 4 Redhat Enterprise Linux Desktop version 4 Redhat Enterprise Linux 5 Server Redhat Desktop 4.0 OpenLDAP OpenLDAP 2.3.27 OpenLDAP OpenLDAP 2.3.25 OpenLDAP OpenLDAP 2.3.6 OpenLDAP OpenLDAP 2.2.29 OpenLDAP OpenLDAP 2.2.26 OpenLDAP OpenLDAP 2.2.15 OpenLDAP OpenLDAP 2.2.6 OpenLDAP OpenLDAP 2.1.30 OpenLDAP OpenLDAP 2.1.25 OpenLDAP OpenLDAP 2.1.22 OpenLDAP OpenLDAP 2.1.19 OpenLDAP OpenLDAP 2.1.18 OpenLDAP OpenLDAP 2.1.17 OpenLDAP OpenLDAP 2.1.16 OpenLDAP OpenLDAP 2.1.15 OpenLDAP OpenLDAP 2.1.14 OpenLDAP OpenLDAP 2.1.13 OpenLDAP OpenLDAP 2.1.12 OpenLDAP OpenLDAP 2.1.11 OpenLDAP OpenLDAP 2.1.10 OpenLDAP OpenLDAP 2.1.4 OpenLDAP OpenLDAP 2.1.20 OpenLDAP OpenLDAP 2.0.27 OpenLDAP OpenLDAP 2.0.25 OpenLDAP OpenLDAP 2.0.23 OpenLDAP OpenLDAP 2.0.22 OpenLDAP OpenLDAP 2.0.21 OpenLDAP OpenLDAP 2.0.20 OpenLDAP OpenLDAP 2.0.19 OpenLDAP OpenLDAP 2.0.18 OpenLDAP OpenLDAP 2.0.17 OpenLDAP OpenLDAP 2.0.16 OpenLDAP OpenLDAP 2.0.15 OpenLDAP OpenLDAP 2.0.14 OpenLDAP OpenLDAP 2.0.13 OpenLDAP OpenLDAP 2.0.12 OpenLDAP OpenLDAP 2.0.11 -9 OpenLDAP OpenLDAP 2.0.11 -11S OpenLDAP OpenLDAP 2.0.11 -11 OpenLDAP OpenLDAP 2.0.11 OpenLDAP OpenLDAP 2.0.10 OpenLDAP OpenLDAP 2.0.9 OpenLDAP OpenLDAP 2.0.8 OpenLDAP OpenLDAP 2.0.7 OpenLDAP OpenLDAP 2.0.6 OpenLDAP OpenLDAP 2.0.5 OpenLDAP OpenLDAP 2.0.4 OpenLDAP OpenLDAP 2.0.3 OpenLDAP OpenLDAP 2.0.2 OpenLDAP OpenLDAP 2.0.1 OpenLDAP OpenLDAP 2.0 OpenLDAP OpenLDAP 1.2.13 OpenLDAP OpenLDAP 1.2.12 OpenLDAP OpenLDAP 1.2.11 OpenLDAP OpenLDAP 1.2.10 OpenLDAP OpenLDAP 1.2.9 OpenLDAP OpenLDAP 1.2.8 OpenLDAP OpenLDAP 1.2.7 OpenLDAP OpenLDAP 1.2.6 OpenLDAP OpenLDAP 1.2.5 OpenLDAP OpenLDAP 1.2.4 OpenLDAP OpenLDAP 1.2.3 OpenLDAP OpenLDAP 1.2.2 OpenLDAP OpenLDAP 1.2.1 OpenLDAP OpenLDAP 1.2 OpenLDAP OpenLDAP 1.1.4 OpenLDAP OpenLDAP 1.1.3 OpenLDAP OpenLDAP 1.1.2 OpenLDAP OpenLDAP 1.1.1 OpenLDAP OpenLDAP 1.1 OpenLDAP OpenLDAP 1.0.3 OpenLDAP OpenLDAP 1.0.2 OpenLDAP OpenLDAP 1.0.1 OpenLDAP OpenLDAP 1.0 OpenLDAP OpenLDAP 2.3.28-E1.0.0 OpenLDAP OpenLDAP 2.3.28-20061022 OpenLDAP OpenLDAP 2.3.28-2.20061022 OpenLDAP OpenLDAP 2.3.27-2.20061018 OpenLDAP OpenLDAP 2.2.29 rev 1.134 Novell Linux POS 9 Novell Linux Desktop 9 Mandriva Linux Mandrake 2008.0 x86_64 Mandriva Linux Mandrake 2008.0 Mandriva Linux Mandrake 2007.1 x86_64 Mandriva Linux Mandrake 2007.1 Mandriva Linux Mandrake 2007.0 x86_64 Mandriva Linux Mandrake 2007.0 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 4.0 Gentoo Linux Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0 Apple Mac OS X Server 10.5.8 Apple Mac OS X Server 10.5.7 Apple Mac OS X Server 10.5.6 Apple Mac OS X Server 10.5.5 Apple Mac OS X Server 10.5.4 Apple Mac OS X Server 10.5.3 Apple Mac OS X Server 10.5.2 Apple Mac OS X Server 10.5.1 Apple Mac OS X Server 10.4.11 Apple Mac OS X Server 10.4.10 Apple Mac OS X Server 10.4.9 Apple Mac OS X Server 10.4.8 Apple Mac OS X Server 10.4.7 Apple Mac OS X Server 10.4.6 Apple Mac OS X Server 10.4.5 Apple Mac OS X Server 10.4.4 Apple Mac OS X Server 10.4.3 Apple Mac OS X Server 10.4.2 Apple Mac OS X Server 10.4.1 Apple Mac OS X Server 10.4 Apple Mac OS X Server 10.3.9 Apple Mac OS X Server 10.3.8 Apple Mac OS X Server 10.3.7 Apple Mac OS X Server 10.3.6 Apple Mac OS X Server 10.3.5 Apple Mac OS X Server 10.3.4 Apple Mac OS X Server 10.3.3 Apple Mac OS X Server 10.3.2 Apple Mac OS X Server 10.3.1 Apple Mac OS X Server 10.3 Apple Mac OS X Server 10.5 Apple Mac OS X 10.5.8 Apple Mac OS X 10.5.7 Apple Mac OS X 10.5.6 Apple Mac OS X 10.5.5 Apple Mac OS X 10.5.4 Apple Mac OS X 10.5.3 Apple Mac OS X 10.5.2 Apple Mac OS X 10.5.1 Apple Mac OS X 10.4.11 Apple Mac OS X 10.4.10 Apple Mac OS X 10.4.9 Apple Mac OS X 10.4.8 Apple Mac OS X 10.4.7 Apple Mac OS X 10.4.6 Apple Mac OS X 10.4.5 Apple Mac OS X 10.4.4 Apple Mac OS X 10.4.3 Apple Mac OS X 10.4.2 Apple Mac OS X 10.4.1 Apple Mac OS X 10.4 Apple Mac OS X 10.3.9 Apple Mac OS X 10.3.8 Apple Mac OS X 10.3.7 Apple Mac OS X 10.3.6 Apple Mac OS X 10.3.5 Apple Mac OS X 10.3.4 Apple Mac OS X 10.3.3 Apple Mac OS X 10.3.2 Apple Mac OS X 10.3.1 Apple Mac OS X 10.3 Apple Mac OS X 10.5 |
| Not Vulnerable: | OpenLDAP OpenLDAP 2.3.39 Apple Mac OS X Server 10.6.2 Apple Mac OS X 10.6.2 |
Discussion
OpenLDAP is prone to multiple remote denial-of-service vulnerabilities because of an incorrect NULL-termination issue and a double-free issue.
Attackers can exploit these issues to deny service to legitimate users.
Versions prior to OpenLDAP 2.3.39 are vulnerable.
Exploit / POC
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
The vendor has released OpenLDAP 2.3.39 to address these issues. Please see the references for details.
- OpenLDAP OpenLDAP 2.3.27-2.20061018: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 1.0: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 1.0.2: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 1.2.1: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 1.2.10: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 1.2.8: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.0.1: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.0.11 -9: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.0.11 -11S: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.0.11: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.0.13: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.0.14: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.0.16: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.0.19: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.0.23: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.0.3: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.0.4: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.0.5: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.0.8: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.0.9: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.1.10: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.1.11: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.1.13: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.1.16: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.1.4: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
- OpenLDAP OpenLDAP 2.2.26: OpenLDAP openldap-2.3.39.tgz ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.3.39.tgz
References
References:
- 2.3.39 Release Changes (OpenLDAP)
- Debian Bug report logs - #440632 ldapadd with 'objectClasses' instead of 'object (Debian)
- OpenLDAP Mozilla NSS default cipher suite always selected : Bugs7285 (OpenLDAP)
- Software Bugs/4925 (OpenLDAP)
- Software Bugs/5119 (OpenLDAP)
- Software Bugs/5163 (OpenLDAP)
- Red Hat Linux Security Advisory RHSA-2008:0110 (Red Hat)
- RHSA-2007:1037-3 openldap security and enhancement update (Red Hat)
- RHSA-2007:1038 Moderate: openldap security and enhancement update (Red Hat)