SuSE 10 Security Update : OpenLDAP 2 (ZYPP Patch Number 5511)
Medium Nessus Plugin ID 34441
SynopsisThe remote SuSE 10 host is missing a security-related patch.
DescriptionThis update fixes a security problem in the liblber client library of openldap that allowed remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams, which triggers an assertion error. (CVE-2008-2952) Additionally a bug was fixed in ldap_free_connection which could result in client crashes when the server closed a connection while an operation is active.
SolutionApply ZYPP patch number 5511.