MDVSA-2011:055 -- Mandriva openldapID: oval:org.secpod.oval:def:300429 | Date: (C)2012-01-07 (M)2021-06-02 |
Class: PATCH | Family: unix |
Multiple vulnerabilities has been identified and fixed in openldap: chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server . modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service via a relative Distinguished Name modification request that contains an empty value for the OldDN field . Packages for 2009.0 are provided as of the Extended Maintenance Program
Platform: |
Mandriva Linux 2009.0 |