Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » RHSA-2014:0206-01

Overview

Id RHSA-2014:0206-01
Name Red Hat 2014:0206-01 RHSA Moderate: openldap security update for RHEL 5 x86_64
Vendor Name red_hat
Product None
Content Type Critical Critical
Language(s)
Operating System(s) Linux 
Released On 24 Feb 2014 12:00:00

RHSA-2014:0206-01

Red Hat 2014:0206-01 RHSA Moderate: openldap security update for RHEL 5 x86_64

Vendor Name

red_hat

Product

None

Released On

24 Feb 2014 12:00:00

Url

https://rhn.redhat.com/errata/RHSA-2014-0206.html

Description

LSAC(v2)
OpenLDAP is an open source suite of Lightweight Directory Access Protocol (LDAP) applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. A denial of service flaw was found in the way the OpenLDAP server daemon (slapd) performed reference counting when using the rwm (rewrite/remap) overlay. A remote attacker able to query the OpenLDAP server could use this flaw to crash the server by immediately unbinding from the server after sending a search request. (CVE-2013-4449) Red Hat would like to thank Michael Vishchers from Seven Principles AG for reporting this issue. All openldap users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

Related Resources

Related Vulnerabilities

None

Related Patches

Superseded Patches

None


Last Updated: 27 May 2016 11:18:30