This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
A denial of service flaw was found in the way the OpenLDAP server
daemon (slapd) performed reference counting when using the rwm
(rewrite/remap) overlay. A remote attacker able to query the OpenLDAP
server could use this flaw to crash the server by immediately
unbinding from the server after sending a search request.
This update also fixes the following bug :
- Previously, OpenLDAP did not properly handle a number of
simultaneous updates. As a consequence, sending a number
of parallel update requests to the server could cause a
deadlock. With this update, a superfluous locking
mechanism causing the deadlock has been removed, thus
fixing the bug.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 4.3
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 72276
CVE ID: CVE-2013-4449