OpenLDAP SASL authcid Name BIND Request DoS

This script is Copyright (C) 2006-2016 Tenable Network Security, Inc.

Synopsis :

The remote LDAP server is prone to a denial of service attack.

Description :

The remote host appears to be running OpenLDAP, an open source LDAP
directory implementation.

The version of OpenLDAP installed on the remote host fails to handle
malformed SASL bind requests. An unauthenticated attacker can
leverage this issue to crash the LDAP server on the affected host.

See also :

Solution :

Upgrade to OpenLDAP 2.3.29 or later.

Risk factor :

Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : true

Family: Denial of Service

Nessus Plugin ID: 23625 ()

Bugtraq ID: 20939

CVE ID: CVE-2006-5779

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now