Mandrake Linux Security Advisory : openldap (MDKSA-2002:013)
High Nessus Plugin ID 13921
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionA problem exists in all versions of OpenLDAP from 2.0.0 through 2.0.19 where permissions are not properly checked using access control lists when a user tries to remove an attribute from an object in the directory by replacing it's values with an empty list. Schema checking is still enforced, so a user can only remove attributes that the schema does not require the object to possess.
SolutionUpdate the affected packages.