OpenLDAP SASL authcid Name BIND Request DoS

This script is Copyright (C) 2006-2016 Tenable Network Security, Inc.


Synopsis :

The remote LDAP server is prone to a denial of service attack.

Description :

The remote host appears to be running OpenLDAP, an open source LDAP
directory implementation.

The version of OpenLDAP installed on the remote host fails to handle
malformed SASL bind requests. An unauthenticated attacker can
leverage this issue to crash the LDAP server on the affected host.

See also :

http://www.securityfocus.com/archive/1/450728/30/0/threaded
http://www.nessus.org/u?9daf484d
http://www.openldap.org/software/release/changes.html

Solution :

Upgrade to OpenLDAP 2.3.29 or later.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Denial of Service

Nessus Plugin ID: 23625 ()

Bugtraq ID: 20939

CVE ID: CVE-2006-5779

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial