SUSE-SA:2006:072: openldap2-client

high Nessus Plugin ID 24449

Synopsis

The remote host is missing a vendor-supplied security patch

Description

The remote host is missing the patch for the advisory SUSE-SA:2006:072 (openldap2-client).

OpenLDAP libldap's strval2strlen() function contained a bug when processing the authcid string of certain Bind Requests, which could allow attackers to cause an affected application (especially the OpenLDAP Server) to crash.

This is tracked by the Mitre CVE ID CVE-2006-5779.

Solution

http://www.novell.com/linux/security/advisories/2006_72_openldap2.html

Plugin Details

Severity: High

ID: 24449

File Name: suse_SA_2006_072.nasl

Version: 1.10

Agent: unix

Family: SuSE Local Security Checks

Published: 2/18/2007

Updated: 1/14/2021

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list

Detections

Analytics