Mandriva Update For Openldap MDVSA-2012:130 (openldap) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability was found and corrected in openldap: slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned (CVE-2012-1164). The updated packages have been patched to correct this issue.

Affected

openldap on Mandriva Linux 2011.0, Mandriva Enterprise Server 5.2

Severity

Classification

CVE CVE-2012-1164
CVSS Base Score: 2.6
AV:N/AC:H/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:070 (openoffice.org)
Mandriva Update for gtk+2.0 MDKSA-2007:039 (gtk+2.0)
Mandriva Update for vino MDVSA-2011:087 (vino)
Mandriva Update for gdm MDKSA-2007:169 (gdm)
Mandriva Update for timezone MDVA-2010:006 (timezone)

Mandriva Update for openldap MDVSA-2012:130 (openldap)

Take action and discover your vulnerabilities