Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2010:0543
HistoryJul 20, 2010 - 12:00 a.m.

(RHSA-2010:0543) Moderate: openldap security update

2010-07-2000:00:00
access.redhat.com
15

0.789 High

EPSS

Percentile

98.3%

JSON

OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
Protocol) applications and development tools.

An uninitialized pointer use flaw was discovered in the way the slapd
daemon handled modify relative distinguished name (modrdn) requests. An
authenticated user with privileges to perform modrdn operations could use
this flaw to crash the slapd daemon via specially-crafted modrdn requests.
(CVE-2010-0211)

Red Hat would like to thank CERT-FI for responsibly reporting the
CVE-2010-0211 flaw, who credit Ilkka Mattila and Tuomas SalomΓ€ki for the
discovery of the issue.

A flaw was found in the way OpenLDAP handled NUL characters in the
CommonName field of X.509 certificates. An attacker able to get a
carefully-crafted certificate signed by a trusted Certificate Authority
could trick applications using OpenLDAP libraries into accepting it by
mistake, allowing the attacker to perform a man-in-the-middle attack.
(CVE-2009-3767)

Users of OpenLDAP should upgrade to these updated packages, which contain
backported patches to resolve these issues. After installing this update,
the OpenLDAP daemons will be restarted automatically.

OSVersionArchitecturePackageVersionFilename
RedHat4s390openldap-servers-sql<Β 2.2.13-12.el4_8.3openldap-servers-sql-2.2.13-12.el4_8.3.s390.rpm
RedHat4s390openldap<Β 2.2.13-12.el4_8.3openldap-2.2.13-12.el4_8.3.s390.rpm
RedHat4i386openldap-clients<Β 2.2.13-12.el4_8.3openldap-clients-2.2.13-12.el4_8.3.i386.rpm
RedHat4ia64openldap-clients<Β 2.2.13-12.el4_8.3openldap-clients-2.2.13-12.el4_8.3.ia64.rpm
RedHat4ppcopenldap-clients<Β 2.2.13-12.el4_8.3openldap-clients-2.2.13-12.el4_8.3.ppc.rpm
RedHat4ia64openldap-servers<Β 2.2.13-12.el4_8.3openldap-servers-2.2.13-12.el4_8.3.ia64.rpm
RedHat4srcopenldap<Β 2.2.13-12.el4_8.3openldap-2.2.13-12.el4_8.3.src.rpm
RedHat4ia64openldap-servers-sql<Β 2.2.13-12.el4_8.3openldap-servers-sql-2.2.13-12.el4_8.3.ia64.rpm
RedHat4s390xopenldap<Β 2.2.13-12.el4_8.3openldap-2.2.13-12.el4_8.3.s390x.rpm
RedHat4ia64compat-openldap<Β 2.1.30-12.el4_8.3compat-openldap-2.1.30-12.el4_8.3.ia64.rpm
Rows per page:
1-10 of 391

Related

openvas 32
nessus 36
oraclelinux 3
centos 2
freebsd 1
cbl_mariner 2
redhat 4
veracode 2
fedora 3
securityvulns 6
ubuntu 2
debian 2
seebug 1
checkpoint_advisories 1
debiancve 2
cvelist 2
prion 2
nvd 2
cve 2
ubuntucve 2
altlinux 2
osv 1
gentoo 1
vmware 4
openvas
openvas
RedHat Update for openldap RHSA-2010:0543-01
2010-07-23 00:00:00
RedHat Update for openldap RHSA-2010:0543-01
2010-07-23 00:00:00
Ubuntu USN-858-1 (openldap2.2)
2009-11-17 00:00:00
nessus
nessus
CentOS 4 : openldap (CESA-2010:0543)
2010-07-22 00:00:00
Oracle Linux 4 : openldap (ELSA-2010-0543)
2013-07-12 00:00:00
RHEL 4 : openldap (RHSA-2010:0543)
2010-07-28 00:00:00
oraclelinux
oraclelinux
openldap security update
2010-07-20 00:00:00
openldap security and bug fix update
2010-04-05 00:00:00
openldap security update
2010-07-20 00:00:00
centos
centos
compat, openldap security update
2010-07-21 19:15:25
compat, openldap security update
2010-07-21 22:18:04
freebsd
freebsd
OpenLDAP -- incorrect handling of NULL in certificate Common Name
2009-08-07 00:00:00
cbl_mariner
cbl_mariner
CVE-2009-3767 affecting package openssl 1.1.1g-6
2021-08-11 06:39:26
CVE-2009-3767 affecting package openldap 2.4.50-1
2021-04-06 23:50:10
redhat
redhat
(RHSA-2010:0198) Moderate: openldap security and bug fix update
2010-03-30 00:00:00
(RHSA-2010:0542) Moderate: openldap security update
2010-07-20 00:00:00
(RHSA-2010:0476) Important: rhev-hypervisor security, bug fix, and enhancement update
2010-06-22 00:00:00
veracode
veracode
Man-in-the-Middle (MitM)
2020-04-10 00:44:17
Denial Of Service (DoS)
2020-04-10 00:44:09
fedora
fedora
[SECURITY] Fedora 11 Update: openldap-2.4.15-7.fc11
2010-03-02 01:03:33
[SECURITY] Fedora 13 Update: openldap-2.4.21-10.fc13
2010-08-23 22:04:44
[SECURITY] Fedora 12 Update: openldap-2.4.19-6.fc12
2010-10-31 21:33:48
securityvulns
securityvulns
[USN-858-1] OpenLDAP vulnerability
2009-11-13 00:00:00
OpenLDAP certificate spoofing
2009-11-13 00:00:00
OpenLDAP multiple security vulnerabilities
2010-07-30 00:00:00
ubuntu
ubuntu
OpenLDAP vulnerability
2009-11-12 00:00:00
OpenLDAP vulnerabilities
2010-08-09 00:00:00
debian
debian
[SECURITY] [DSA 1943-1] New openldap2.3/openldap packages fix SSL certificate verification weakness
2009-12-02 21:45:40
[SECURITY] [DSA 2077-1] New openldap packages fix potential code execution
2010-07-29 19:08:28
seebug
seebug
OpenLDAP CA SSL证书ιͺŒθ―ζΌζ΄ž
2009-10-27 00:00:00
checkpoint_advisories
checkpoint_advisories
OpenLDAP Modrdn RDN UTF-8 String Code Execution (CVE-2010-0211)
2010-10-13 00:00:00
debiancve
debiancve
CVE-2010-0211
2010-07-28 12:48:51
CVE-2009-3767
2009-10-23 19:30:00
cvelist
cvelist
CVE-2010-0211
2010-07-27 22:00:00
CVE-2009-3767
2009-10-23 19:00:00
prion
prion
Double free
2010-07-28 12:48:00
Design/Logic Flaw
2009-10-23 19:30:00
nvd
nvd
CVE-2010-0211
2010-07-28 12:48:51
CVE-2009-3767
2009-10-23 19:30:00
cve
cve
CVE-2010-0211
2010-07-28 12:48:51
CVE-2009-3767
2009-10-23 19:30:00
ubuntucve
ubuntucve
CVE-2010-0211
2010-07-28 00:00:00
CVE-2009-3767
2009-10-23 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package openldap2.4 version 2.4.23-alt0.M50P.1
2010-07-01 00:00:00
Security fix for the ALT Linux 5 package openldap2.4 version 2.4.23-alt1
2010-06-30 00:00:00
osv
osv
openldap - potential code execution
2010-07-29 00:00:00
gentoo
gentoo
OpenLDAP: Multiple vulnerabilities
2014-06-30 00:00:00
vmware
vmware
VMware ESX third party updates for Service Console packages glibc, sudo, and openldap
2011-01-04 00:00:00
VMware ESX third party updates for Service Console packages glibc, sudo, and openldap
2011-01-04 00:00:00
VMware ESX third party updates for Service Console
2010-09-30 00:00:00

0.789 High

EPSS

Percentile

98.3%

JSON
Related for RHSA-2010:0543
openvas32nessus36oraclelinux3centos2freebsd1cbl_mariner2redhat4veracode2fedora3securityvulns6ubuntu2debian2seebug1checkpoint_advisories1debiancve2cvelist2prion2nvd2cve2ubuntucve2altlinux2osv1gentoo1vmware4