Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2007:0310
HistoryMay 02, 2007 - 8:52 a.m.

compat, gdm, openldap security update

2007-05-0208:52:57
CentOS Project
lists.centos.org
44

2.3 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:M/Au:S/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

70.2%

JSON

CentOS Errata and Security Advisory CESA-2007:0310

OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
Protocol) applications and development tools.

A flaw was found in the way OpenLDAP handled selfwrite access. Users with
selfwrite access were able to modify the distinguished name of any user.
(CVE-2006-4600)

All users are advised to upgrade to these updated openldap packages, which
contain a backported patch to correct this issue.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2007-May/075865.html
https://lists.centos.org/pipermail/centos-announce/2007-May/075866.html
https://lists.centos.org/pipermail/centos-announce/2007-May/075887.html

Affected packages:
compat-openldap
gdm
openldap
openldap-clients
openldap-devel
openldap-servers
openldap-servers-sql

Upstream details at:
https://access.redhat.com/errata/RHSA-2007:0310

OSVersionArchitecturePackageVersionFilename
CentOS4ia64gdm< 2.6.0.5-7.rhel4.15gdm-2.6.0.5-7.rhel4.15.ia64.rpm
CentOS4ia64compat-openldap< 2.1.30-7.4Ecompat-openldap-2.1.30-7.4E.ia64.rpm
CentOS4ia64openldap< 2.2.13-7.4Eopenldap-2.2.13-7.4E.ia64.rpm
CentOS4ia64openldap-clients< 2.2.13-7.4Eopenldap-clients-2.2.13-7.4E.ia64.rpm
CentOS4ia64openldap-devel< 2.2.13-7.4Eopenldap-devel-2.2.13-7.4E.ia64.rpm
CentOS4ia64openldap-servers< 2.2.13-7.4Eopenldap-servers-2.2.13-7.4E.ia64.rpm
CentOS4ia64openldap-servers-sql< 2.2.13-7.4Eopenldap-servers-sql-2.2.13-7.4E.ia64.rpm
CentOS4s390compat-openldap< 2.1.30-7.4Ecompat-openldap-2.1.30-7.4E.s390.rpm
CentOS4s390openldap< 2.2.13-7.4Eopenldap-2.2.13-7.4E.s390.rpm
CentOS4s390openldap-clients< 2.2.13-7.4Eopenldap-clients-2.2.13-7.4E.s390.rpm
Rows per page:
1-10 of 191

Related

openvas 4
cve 1
nessus 12
oraclelinux 1
redhat 2
cvelist 1
freebsd 1
nvd 1
ubuntucve 1
centos 1
gentoo 1
vmware 1
securityvulns 1
openvas
openvas
FreeBSD Ports: openldap-server, openldap-sasl-server
2008-09-04 00:00:00
FreeBSD Ports: openldap-server, openldap-sasl-server
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200711-23 (vmware-workstation vmware-player)
2008-09-24 00:00:00
cve
cve
CVE-2006-4600
2006-09-07 00:04:00
nessus
nessus
FreeBSD : openldap -- slapd acl selfwrite Security Issue (ae7124ff-547c-11db-8f1a-000a48049292)
2006-10-10 00:00:00
RHEL 4 : openldap (RHSA-2007:0310)
2007-05-02 00:00:00
CentOS 3 : openldap (CESA-2007:0430)
2007-06-14 00:00:00
oraclelinux
oraclelinux
Low: openldap security update
2007-05-17 00:00:00
redhat
redhat
(RHSA-2007:0310) Low: openldap security update
2007-05-01 00:00:00
(RHSA-2007:0430) Low: openldap security and bug-fix update
2007-06-11 13:45:45
cvelist
cvelist
CVE-2006-4600
2006-09-07 00:00:00
freebsd
freebsd
openldap -- slapd acl selfwrite Security Issue
2006-06-14 00:00:00
nvd
nvd
CVE-2006-4600
2006-09-07 00:04:00
ubuntucve
ubuntucve
CVE-2006-4600
2006-09-07 00:00:00
centos
centos
openldap security update
2007-06-11 21:07:22
gentoo
gentoo
VMware Workstation and Player: Multiple vulnerabilities
2007-11-18 00:00:00
vmware
vmware
Updated versions of all supported hosted products and all ESX 2x products and patches for ESX 30x address critical security updates. Service Console security updates for samba, bind, krb5, vixie-cron, shadow-utils, openldap, pam, gcc, and gdb packages.
2007-09-18 00:00:00
securityvulns
securityvulns
VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player
2007-09-21 00:00:00

2.3 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:M/Au:S/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

70.2%

JSON
Related for CESA-2007:0310
openvas4cve1nessus12oraclelinux1redhat2cvelist1freebsd1nvd1ubuntucve1centos1gentoo1vmware1securityvulns1