Debian Security Advisory DSA 1650-1 (openldap2.3) Network Vulnerability

Summary

The remote host is missing an update to openldap2.3 announced via advisory DSA 1650-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201650-1

Insight

Cameron Hotchkies discovered that the OpenLDAP server slapd, a free implementation of the Lightweight Directory Access Protocol, could be crashed by sending malformed ASN1 requests. For the stable distribution (etch), this problem has been fixed in version 2.3.30-5+etch2. For the unstable distribution (sid), this problem has been fixed in version 2.4.10-3 of the openldap package. We recommend that you upgrade your openldap2.3 packages.

Severity

Classification

CVE CVE-2008-2952

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1066-1 (phpbb2)
Debian Security Advisory DSA 020-1 (php4)
Debian Security Advisory DSA 1000-1 (libapreq2-perl)
Debian Security Advisory DSA 025-1 (openssh)
Debian Security Advisory DSA 1111-2 (kernel-source-2.6.8 et. al.)

Take action and discover your vulnerabilities