Mandriva Update For Openldap MDVSA-2012:130 (openldap) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability was found and corrected in openldap: slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned (CVE-2012-1164). The updated packages have been patched to correct this issue.

Affected

openldap on Mandriva Linux 2011.0, Mandriva Enterprise Server 5.2

Severity

Classification

CVE CVE-2012-1164

CVSS	Base Score: 2.6 AV:N/AC:H/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Mandriva Update for util-linux MDKSA-2007:053 (util-linux)
Mandriva Update for perl-URPM MDVA-2010:226 (perl-URPM)
Mandriva Security Advisory MDVSA-2009:256-1 (dbus)
Mandriva Update for timezone MDVA-2010:006 (timezone)
Mandriva Update for evolution MDKSA-2007:107 (evolution)

Mandriva Update for openldap MDVSA-2012:130 (openldap)

Take action and discover your vulnerabilities