Vulnerabilities > CVE-2015-6908 - Improper Input Validation vulnerability in multiple products

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
openldap
apple
CWE-20
nessus
exploit available

Summary

The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd.

Vulnerable Configurations

Part Description Count
Application
Openldap
40
OS
Apple
95

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Server Side Include (SSI) Injection
    An attacker can use Server Side Include (SSI) Injection to send code to a web application that then gets executed by the web server. Doing so enables the attacker to achieve similar results to Cross Site Scripting, viz., arbitrary code execution and information disclosure, albeit on a more limited scale, since the SSI directives are nowhere near as powerful as a full-fledged scripting language. Nonetheless, the attacker can conveniently gain access to sensitive files, such as password files, and execute shell commands.
  • Cross Zone Scripting
    An attacker is able to cause a victim to load content into their web-browser that bypasses security zone controls and gain access to increased privileges to execute scripting code or other web objects such as unsigned ActiveX controls or applets. This is a privilege elevation attack targeted at zone-based web-browser security. In a zone-based model, pages belong to one of a set of zones corresponding to the level of privilege assigned to that page. Pages in an untrusted zone would have a lesser level of access to the system and/or be restricted in the types of executable content it was allowed to invoke. In a cross-zone scripting attack, a page that should be assigned to a less privileged zone is granted the privileges of a more trusted zone. This can be accomplished by exploiting bugs in the browser, exploiting incorrect configuration in the zone controls, through a cross-site scripting attack that causes the attackers' content to be treated as coming from a more trusted page, or by leveraging some piece of system functionality that is accessible from both the trusted and less trusted zone. This attack differs from "Restful Privilege Escalation" in that the latter correlates to the inadequate securing of RESTful access methods (such as HTTP DELETE) on the server, while cross-zone scripting attacks the concept of security zones as implemented by a browser.
  • Cross Site Scripting through Log Files
    An attacker may leverage a system weakness where logs are susceptible to log injection to insert scripts into the system's logs. If these logs are later viewed by an administrator through a thin administrative interface and the log data is not properly HTML encoded before being written to the page, the attackers' scripts stored in the log will be executed in the administrative interface with potentially serious consequences. This attack pattern is really a combination of two other attack patterns: log injection and stored cross site scripting.
  • Command Line Execution through SQL Injection
    An attacker uses standard SQL injection methods to inject data into the command line for execution. This could be done directly through misuse of directives such as MSSQL_xp_cmdshell or indirectly through injection of data into the database that would be interpreted as shell commands. Sometime later, an unscrupulous backend application (or could be part of the functionality of the same application) fetches the injected data stored in the database and uses this data as command line arguments without performing proper validation. The malicious data escapes that data plane by spawning new commands to be executed on the host.

Exploit-Db

descriptionOpenLDAP 2.4.42 - ber_get_next Denial of Service. CVE-2015-6908. Dos exploit for linux platform
idEDB-ID:38145
last seen2016-02-04
modified2015-09-11
published2015-09-11
reporterDenis Andzakovic
sourcehttps://www.exploit-db.com/download/38145/
titleOpenLDAP 2.4.42 - ber_get_next Denial of Service

Nessus

  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3356.NASL
    descriptionDenis Andzakovic discovered that OpenLDAP, a free implementation of the Lightweight Directory Access Protocol, does not properly handle BER data. An unauthenticated remote attacker can use this flaw to cause a denial of service (slapd daemon crash) via a specially crafted packet.
    last seen2020-06-01
    modified2020-06-02
    plugin id85912
    published2015-09-14
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85912
    titleDebian DSA-3356-1 : openldap - security update
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-3356. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(85912);
      script_version("2.4");
      script_cvs_date("Date: 2018/11/10 11:49:37");
    
      script_cve_id("CVE-2015-6908");
      script_xref(name:"DSA", value:"3356");
    
      script_name(english:"Debian DSA-3356-1 : openldap - security update");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Denis Andzakovic discovered that OpenLDAP, a free implementation of
    the Lightweight Directory Access Protocol, does not properly handle
    BER data. An unauthenticated remote attacker can use this flaw to
    cause a denial of service (slapd daemon crash) via a specially crafted
    packet."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798622"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/wheezy/openldap"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/jessie/openldap"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2015/dsa-3356"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the openldap packages.
    
    For the oldstable distribution (wheezy), this problem has been fixed
    in version 2.4.31-2+deb7u1.
    
    For the stable distribution (jessie), this problem has been fixed in
    version 2.4.40+dfsg-1+deb8u1."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:openldap");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/09/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/09/14");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"7.0", prefix:"ldap-utils", reference:"2.4.31-2+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libldap-2.4-2", reference:"2.4.31-2+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libldap-2.4-2-dbg", reference:"2.4.31-2+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libldap2-dev", reference:"2.4.31-2+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"slapd", reference:"2.4.31-2+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"slapd-dbg", reference:"2.4.31-2+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"slapd-smbk5pwd", reference:"2.4.31-2+deb7u1")) flag++;
    if (deb_check(release:"8.0", prefix:"ldap-utils", reference:"2.4.40+dfsg-1+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"libldap-2.4-2", reference:"2.4.40+dfsg-1+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"libldap-2.4-2-dbg", reference:"2.4.40+dfsg-1+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"libldap2-dev", reference:"2.4.40+dfsg-1+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"slapd", reference:"2.4.40+dfsg-1+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"slapd-dbg", reference:"2.4.40+dfsg-1+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"slapd-smbk5pwd", reference:"2.4.40+dfsg-1+deb8u1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2015-0123.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2015-6908 openldap: ber_get_next denial of service vulnerability (#1263171) - fix: nslcd segfaults due to incorrect mutex initialization (#1144294) - fix: Updating openldap deletes database if slapd.conf is used (#1193519) - fix: ppc64: slaptest segfault in openldap-2.4.40 (#1202696) - fix: bring back accidentaly removed patch (#1147983) - rebase to 2.4.40 (#1147983) - fix: make /etc/openldap/check_password.conf readable by ldap (#1155390) - revert previous patch (#1172296) - fix: crash in ldap_domain2hostlist when processing SRV record (#1164369) - support TLS 1.1 and later (#1160467) - enhancement: add ppolicy-check-password (#1155390) - fix: prevent freed memory reuse (#1172296) - fix: provide a shim libldif.so (#1110382) - fix: remove correct tmp file when generating server cert (#1102083) - remove unapplied patches - fix: TLS_REQCERT documentation in client manpage (#1027796) - review %configure and remove nonexistent options - add another missing patch forgotten during the rebase - fix: enable dynamic linking - unresolved symbols in the smbk5pwd module - add missing patches that were removed by mistake during the rebase - rebase to 2.4.39 (#923680) + drop a lot of upstreamed patches, backport the rest + compile in mdb + remove automatic slapd.conf -> slapd-config conversion - fix: segfault on certain queries with rwm overlay (#1003038) - fix: deadlock during SSL_ForceHandshake (#996373) + revert nss-handshake-threadsafe.patch
    last seen2020-06-01
    modified2020-06-02
    plugin id86216
    published2015-10-01
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86216
    titleOracleVM 3.3 : openldap (OVMSA-2015-0123)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The package checks in this plugin were extracted from OracleVM
    # Security Advisory OVMSA-2015-0123.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(86216);
      script_version("2.4");
      script_cvs_date("Date: 2019/09/27 13:00:34");
    
      script_cve_id("CVE-2015-6908");
    
      script_name(english:"OracleVM 3.3 : openldap (OVMSA-2015-0123)");
      script_summary(english:"Checks the RPM output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote OracleVM host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote OracleVM system is missing necessary patches to address
    critical security updates :
    
      - CVE-2015-6908 openldap: ber_get_next denial of service
        vulnerability (#1263171)
    
      - fix: nslcd segfaults due to incorrect mutex
        initialization (#1144294)
    
      - fix: Updating openldap deletes database if slapd.conf is
        used (#1193519)
    
      - fix: ppc64: slaptest segfault in openldap-2.4.40
        (#1202696)
    
      - fix: bring back accidentaly removed patch (#1147983)
    
      - rebase to 2.4.40 (#1147983)
    
      - fix: make /etc/openldap/check_password.conf readable by
        ldap (#1155390)
    
      - revert previous patch (#1172296)
    
      - fix: crash in ldap_domain2hostlist when processing SRV
        record (#1164369)
    
      - support TLS 1.1 and later (#1160467)
    
      - enhancement: add ppolicy-check-password (#1155390)
    
      - fix: prevent freed memory reuse (#1172296)
    
      - fix: provide a shim libldif.so (#1110382)
    
      - fix: remove correct tmp file when generating server cert
        (#1102083)
    
      - remove unapplied patches
    
      - fix: TLS_REQCERT documentation in client manpage
        (#1027796)
    
      - review %configure and remove nonexistent options
    
      - add another missing patch forgotten during the rebase
    
      - fix: enable dynamic linking - unresolved symbols in the
        smbk5pwd module
    
      - add missing patches that were removed by mistake during
        the rebase
    
      - rebase to 2.4.39 (#923680)
    
      + drop a lot of upstreamed patches, backport the rest
    
      + compile in mdb
    
      + remove automatic slapd.conf -> slapd-config conversion
    
      - fix: segfault on certain queries with rwm overlay
        (#1003038)
    
      - fix: deadlock during SSL_ForceHandshake (#996373)
    
      + revert nss-handshake-threadsafe.patch"
      );
      # https://oss.oracle.com/pipermail/oraclevm-errata/2015-September/000371.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?06953aae"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected openldap / openldap-clients packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:openldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:openldap-clients");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:vm_server:3.3");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/09/11");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/09/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/10/01");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"OracleVM Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/OracleVM/release", "Host/OracleVM/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/OracleVM/release");
    if (isnull(release) || "OVS" >!< release) audit(AUDIT_OS_NOT, "OracleVM");
    if (! preg(pattern:"^OVS" + "3\.3" + "(\.[0-9]|$)", string:release)) audit(AUDIT_OS_NOT, "OracleVM 3.3", "OracleVM " + release);
    if (!get_kb_item("Host/OracleVM/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "OracleVM", cpu);
    if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);
    
    flag = 0;
    if (rpm_check(release:"OVS3.3", reference:"openldap-2.4.40-6.el6_7")) flag++;
    if (rpm_check(release:"OVS3.3", reference:"openldap-clients-2.4.40-6.el6_7")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openldap / openldap-clients");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-309.NASL
    descriptionDenis Andzakovic discovered that OpenLDAP, a free implementation of the Lightweight Directory Access Protocol, does not properly handle BER data. An unauthenticated remote attacker can use this flaw to cause a denial of service (slapd daemon crash) via a specially crafted packet. The Squeeze-LTS package has been prepared by Ryan Tandy. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2015-09-15
    plugin id85931
    published2015-09-15
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/85931
    titleDebian DLA-309-1 : openldap security update
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Debian Security Advisory DLA-309-1. The text
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(85931);
      script_version("2.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2015-6908");
    
      script_name(english:"Debian DLA-309-1 : openldap security update");
      script_summary(english:"Checks dpkg output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Denis Andzakovic discovered that OpenLDAP, a free implementation of
    the Lightweight Directory Access Protocol, does not properly handle
    BER data. An unauthenticated remote attacker can use this flaw to
    cause a denial of service (slapd daemon crash) via a specially crafted
    packet.
    
    The Squeeze-LTS package has been prepared by Ryan Tandy.
    
    NOTE: Tenable Network Security has extracted the preceding description
    block directly from the DLA security advisory. Tenable has attempted
    to automatically clean and format it as much as possible without
    introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.debian.org/debian-lts-announce/2015/09/msg00005.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/squeeze-lts/openldap"
      );
      script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:ldap-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libldap-2.4-2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libldap-2.4-2-dbg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libldap2-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:slapd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:slapd-dbg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:slapd-smbk5pwd");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/09/14");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/09/15");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"6.0", prefix:"ldap-utils", reference:"2.4.23-7.3+deb6u2")) flag++;
    if (deb_check(release:"6.0", prefix:"libldap-2.4-2", reference:"2.4.23-7.3+deb6u2")) flag++;
    if (deb_check(release:"6.0", prefix:"libldap-2.4-2-dbg", reference:"2.4.23-7.3+deb6u2")) flag++;
    if (deb_check(release:"6.0", prefix:"libldap2-dev", reference:"2.4.23-7.3+deb6u2")) flag++;
    if (deb_check(release:"6.0", prefix:"slapd", reference:"2.4.23-7.3+deb6u2")) flag++;
    if (deb_check(release:"6.0", prefix:"slapd-dbg", reference:"2.4.23-7.3+deb6u2")) flag++;
    if (deb_check(release:"6.0", prefix:"slapd-smbk5pwd", reference:"2.4.23-7.3+deb6u2")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-0090-1.NASL
    descriptionThis update fixes the following security issue : - CVE-2015-6908. Passing a crafted packet to the function ber_get_next(), an attacker may cause a remote denial of service, crashing the OpenLDAP server (bsc#945582). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id87909
    published2016-01-14
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87909
    titleSUSE SLED11 / SLES11 Security Update : openldap2 (SUSE-SU-2016:0090-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2016:0090-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(87909);
      script_version("2.5");
      script_cvs_date("Date: 2019/09/11 11:22:13");
    
      script_cve_id("CVE-2015-6908");
    
      script_name(english:"SUSE SLED11 / SLES11 Security Update : openldap2 (SUSE-SU-2016:0090-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update fixes the following security issue :
    
      - CVE-2015-6908. Passing a crafted packet to the function
        ber_get_next(), an attacker may cause a remote denial of
        service, crashing the OpenLDAP server (bsc#945582).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=945582"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-6908/"
      );
      # https://www.suse.com/support/update/announcement/2016/suse-su-20160090-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?4a5e32d8"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Software Development Kit 11-SP4 :
    
    zypper in -t patch sdksp4-openldap2-20151222-12317=1
    
    SUSE Linux Enterprise Software Development Kit 11-SP3 :
    
    zypper in -t patch sdksp3-openldap2-20151222-12317=1
    
    SUSE Linux Enterprise Server for VMWare 11-SP3 :
    
    zypper in -t patch slessp3-openldap2-20151222-12317=1
    
    SUSE Linux Enterprise Server 11-SP4 :
    
    zypper in -t patch slessp4-openldap2-20151222-12317=1
    
    SUSE Linux Enterprise Server 11-SP3 :
    
    zypper in -t patch slessp3-openldap2-20151222-12317=1
    
    SUSE Linux Enterprise Server 11-SECURITY :
    
    zypper in -t patch secsp3-openldap2-20151222-12317=1
    
    SUSE Linux Enterprise Desktop 11-SP4 :
    
    zypper in -t patch sledsp4-openldap2-20151222-12317=1
    
    SUSE Linux Enterprise Desktop 11-SP3 :
    
    zypper in -t patch sledsp3-openldap2-20151222-12317=1
    
    SUSE Linux Enterprise Debuginfo 11-SP4 :
    
    zypper in -t patch dbgsp4-openldap2-20151222-12317=1
    
    SUSE Linux Enterprise Debuginfo 11-SP3 :
    
    zypper in -t patch dbgsp3-openldap2-20151222-12317=1
    
    To bring your system up-to-date, use 'zypper patch'."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:compat-libldap-2_3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libldap-2_4");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libldap-2_4-2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:openldap2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:openldap2-back-meta");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:openldap2-client");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/09/11");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/01/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/01/14");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLED11|SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED11 / SLES11", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES11" && (! preg(pattern:"^(3|4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP3/4", os_ver + " SP" + sp);
    if (os_ver == "SLED11" && (! preg(pattern:"^(3|4)$", string:sp))) audit(AUDIT_OS_NOT, "SLED11 SP3/4", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"libldap-2_4-2-32bit-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", cpu:"s390x", reference:"libldap-2_4-2-32bit-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"compat-libldap-2_3-0-2.3.37-2.62.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"libldap-2_4-2-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"openldap2-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"openldap2-back-meta-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"openldap2-client-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", cpu:"x86_64", reference:"libldap-2_4-2-32bit-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", cpu:"s390x", reference:"libldap-2_4-2-32bit-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", reference:"compat-libldap-2_3-0-2.3.37-2.62.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", reference:"libldap-2_4-2-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", reference:"openldap2-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", reference:"openldap2-back-meta-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", reference:"openldap2-client-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"libldap-2_4-2-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"openldap2-client-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLED11", sp:"4", cpu:"x86_64", reference:"libldap-2_4-2-32bit-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"libldap-2_4-2-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLED11", sp:"4", cpu:"i586", reference:"openldap2-client-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLED11", sp:"3", cpu:"x86_64", reference:"libldap-2_4-2-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLED11", sp:"3", cpu:"x86_64", reference:"openldap2-client-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLED11", sp:"3", cpu:"x86_64", reference:"libldap-2_4-2-32bit-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLED11", sp:"3", cpu:"i586", reference:"libldap-2_4-2-2.4.26-0.62.2")) flag++;
    if (rpm_check(release:"SLED11", sp:"3", cpu:"i586", reference:"openldap2-client-2.4.26-0.62.2")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openldap2");
    }
    
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_4910D16158A411E59AD814DAE9D210B8.NASL
    descriptionDenis Andzakovic reports : By sending a crafted packet, an attacker may cause the OpenLDAP server to reach an assert(9 9 statement, crashing the daemon.
    last seen2020-06-01
    modified2020-06-02
    plugin id85924
    published2015-09-14
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85924
    titleFreeBSD : openldap -- denial of service vulnerability (4910d161-58a4-11e5-9ad8-14dae9d210b8)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from the FreeBSD VuXML database :
    #
    # Copyright 2003-2018 Jacques Vidrine and contributors
    #
    # Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
    # HTML, PDF, PostScript, RTF and so forth) with or without modification,
    # are permitted provided that the following conditions are met:
    # 1. Redistributions of source code (VuXML) must retain the above
    #    copyright notice, this list of conditions and the following
    #    disclaimer as the first lines of this file unmodified.
    # 2. Redistributions in compiled form (transformed to other DTDs,
    #    published online in any format, converted to PDF, PostScript,
    #    RTF and other formats) must reproduce the above copyright
    #    notice, this list of conditions and the following disclaimer
    #    in the documentation and/or other materials provided with the
    #    distribution.
    # 
    # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
    # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
    # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
    # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
    # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
    # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
    # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
    # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
    # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
    # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
    # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(85924);
      script_version("2.4");
      script_cvs_date("Date: 2018/11/10 11:49:44");
    
      script_cve_id("CVE-2015-6908");
    
      script_name(english:"FreeBSD : openldap -- denial of service vulnerability (4910d161-58a4-11e5-9ad8-14dae9d210b8)");
      script_summary(english:"Checks for updated package in pkg_info output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote FreeBSD host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Denis Andzakovic reports :
    
    By sending a crafted packet, an attacker may cause the OpenLDAP server
    to reach an assert(9 9 statement, crashing the daemon."
      );
      # http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8240
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?b8d71587"
      );
      # http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=6fe51a9ab04fd28bbc171da3cf12f1c1040d6629
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?2297a57c"
      );
      # https://vuxml.freebsd.org/freebsd/4910d161-58a4-11e5-9ad8-14dae9d210b8.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?476517d4"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:openldap-server");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/09/09");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/09/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/09/14");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"FreeBSD Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("freebsd_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
    if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (pkg_test(save_report:TRUE, pkg:"openldap-server<2.4.42_1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20150929_OPENLDAP_ON_SL5_X.NASL
    descriptionA flaw was found in the way the OpenLDAP server daemon (slapd) parsed certain Basic Encoding Rules (BER) data. A remote attacker could use this flaw to crash slapd via a specially crafted packet. (CVE-2015-6908)
    last seen2020-03-18
    modified2015-09-30
    plugin id86202
    published2015-09-30
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86202
    titleScientific Linux Security Update : openldap on SL5.x, SL6.x, SL7.x i386/x86_64 (20150929)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(86202);
      script_version("2.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2015-6908");
    
      script_name(english:"Scientific Linux Security Update : openldap on SL5.x, SL6.x, SL7.x i386/x86_64 (20150929)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A flaw was found in the way the OpenLDAP server daemon (slapd) parsed
    certain Basic Encoding Rules (BER) data. A remote attacker could use
    this flaw to crash slapd via a specially crafted packet.
    (CVE-2015-6908)"
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1509&L=scientific-linux-errata&F=&S=&P=21602
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?0d4496b6"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:compat-openldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:openldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:openldap-clients");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:openldap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:openldap-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:openldap-servers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:openldap-servers-overlays");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:openldap-servers-sql");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/09/11");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/09/29");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/09/30");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver);
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL5", reference:"compat-openldap-2.3.43_2.2.29-29.el5_11")) flag++;
    if (rpm_check(release:"SL5", reference:"openldap-2.3.43-29.el5_11")) flag++;
    if (rpm_check(release:"SL5", reference:"openldap-clients-2.3.43-29.el5_11")) flag++;
    if (rpm_check(release:"SL5", reference:"openldap-debuginfo-2.3.43-29.el5_11")) flag++;
    if (rpm_check(release:"SL5", reference:"openldap-devel-2.3.43-29.el5_11")) flag++;
    if (rpm_check(release:"SL5", reference:"openldap-servers-2.3.43-29.el5_11")) flag++;
    if (rpm_check(release:"SL5", reference:"openldap-servers-overlays-2.3.43-29.el5_11")) flag++;
    if (rpm_check(release:"SL5", reference:"openldap-servers-sql-2.3.43-29.el5_11")) flag++;
    
    if (rpm_check(release:"SL6", reference:"openldap-2.4.40-6.el6_7")) flag++;
    if (rpm_check(release:"SL6", reference:"openldap-clients-2.4.40-6.el6_7")) flag++;
    if (rpm_check(release:"SL6", reference:"openldap-debuginfo-2.4.40-6.el6_7")) flag++;
    if (rpm_check(release:"SL6", reference:"openldap-devel-2.4.40-6.el6_7")) flag++;
    if (rpm_check(release:"SL6", reference:"openldap-servers-2.4.40-6.el6_7")) flag++;
    if (rpm_check(release:"SL6", reference:"openldap-servers-sql-2.4.40-6.el6_7")) flag++;
    
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"openldap-2.4.39-7.el7_1")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"openldap-clients-2.4.39-7.el7_1")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"openldap-debuginfo-2.4.39-7.el7_1")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"openldap-devel-2.4.39-7.el7_1")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"openldap-servers-2.4.39-7.el7_1")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"openldap-servers-sql-2.4.39-7.el7_1")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "compat-openldap / openldap / openldap-clients / openldap-debuginfo / etc");
    }
    
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_10_11_2.NASL
    descriptionThe remote host is running a version of Mac OS X that is 10.11.x prior to 10.11.2. It is, therefore, affected by multiple vulnerabilities in the following components : - apache_mod_php - AppSandbox - Bluetooth - CFNetwork HTTPProtocol - Compression - Configuration Profiles - CoreGraphics - CoreMedia Playback - Disk Images - EFI - File Bookmark - Hypervisor - iBooks - ImageIO - Intel Graphics Driver - IOAcceleratorFamily - IOHIDFamily - IOKit SCSI - IOThunderboltFamily - Kernel - kext tools - Keychain Access - libarchive - libc - libexpat - libxml2 - OpenGL - OpenLDAP - OpenSSH - QuickLook - Sandbox - Security - System Integrity Protection Note that successful exploitation of the most serious issues can result in arbitrary code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id87314
    published2015-12-10
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87314
    titleMac OS X 10.11.x < 10.11.2 Multiple Vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(87314);
      script_version("1.10");
      script_cvs_date("Date: 2019/11/20");
    
      script_cve_id(
        "CVE-2011-2895",
        "CVE-2012-0876",
        "CVE-2012-1147",
        "CVE-2012-1148",
        "CVE-2015-3807",
        "CVE-2015-5333",
        "CVE-2015-5334",
        "CVE-2015-6908",
        "CVE-2015-7001",
        "CVE-2015-7038",
        "CVE-2015-7039",
        "CVE-2015-7040",
        "CVE-2015-7041",
        "CVE-2015-7042",
        "CVE-2015-7043",
        "CVE-2015-7044",
        "CVE-2015-7045",
        "CVE-2015-7046",
        "CVE-2015-7047",
        "CVE-2015-7052",
        "CVE-2015-7053",
        "CVE-2015-7054",
        "CVE-2015-7058",
        "CVE-2015-7059",
        "CVE-2015-7060",
        "CVE-2015-7061",
        "CVE-2015-7062",
        "CVE-2015-7063",
        "CVE-2015-7064",
        "CVE-2015-7065",
        "CVE-2015-7066",
        "CVE-2015-7067",
        "CVE-2015-7068",
        "CVE-2015-7071",
        "CVE-2015-7073",
        "CVE-2015-7074",
        "CVE-2015-7075",
        "CVE-2015-7076",
        "CVE-2015-7077",
        "CVE-2015-7078",
        "CVE-2015-7081",
        "CVE-2015-7083",
        "CVE-2015-7084",
        "CVE-2015-7094",
        "CVE-2015-7105",
        "CVE-2015-7106",
        "CVE-2015-7107",
        "CVE-2015-7108",
        "CVE-2015-7109",
        "CVE-2015-7110",
        "CVE-2015-7111",
        "CVE-2015-7112",
        "CVE-2015-7115",
        "CVE-2015-7116",
        "CVE-2015-7803",
        "CVE-2015-7804"
      );
      script_bugtraq_id(
        49124,
        52379,
        76343,
        76714,
        76959,
        77112,
        78719,
        78721,
        78725,
        78730,
        78733,
        78735
      );
      script_xref(name:"APPLE-SA", value:"APPLE-SA-2015-12-08-3");
      script_xref(name:"EDB-ID", value:"38917");
    
      script_name(english:"Mac OS X 10.11.x < 10.11.2 Multiple Vulnerabilities");
      script_summary(english:"Checks the version of Mac OS X.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote host is missing a Mac OS X update that fixes multiple
    security vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The remote host is running a version of Mac OS X that is 10.11.x prior
    to 10.11.2. It is, therefore, affected by multiple vulnerabilities in
    the following components :
    
      - apache_mod_php
      - AppSandbox
      - Bluetooth
      - CFNetwork HTTPProtocol
      - Compression
      - Configuration Profiles
      - CoreGraphics
      - CoreMedia Playback
      - Disk Images
      - EFI
      - File Bookmark
      - Hypervisor
      - iBooks
      - ImageIO
      - Intel Graphics Driver
      - IOAcceleratorFamily
      - IOHIDFamily
      - IOKit SCSI
      - IOThunderboltFamily
      - Kernel
      - kext tools
      - Keychain Access
      - libarchive
      - libc
      - libexpat
      - libxml2
      - OpenGL
      - OpenLDAP
      - OpenSSH
      - QuickLook
      - Sandbox
      - Security
      - System Integrity Protection
    
    Note that successful exploitation of the most serious issues can
    result in arbitrary code execution.");
      script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT205579");
      script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT205637");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to Mac OS X version 10.11.2 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-7071");
    
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/08/11");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/12/08");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/12/10");
    
      script_set_attribute(attribute:"plugin_type", value:"combined");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"MacOS X Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl", "os_fingerprint.nasl");
      script_require_ports("Host/MacOSX/Version", "Host/OS");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    
    os = get_kb_item("Host/MacOSX/Version");
    if (!os)
    {
      os = get_kb_item_or_exit("Host/OS");
      if ("Mac OS X" >!< os) audit(AUDIT_OS_NOT, "Mac OS X");
    
      c = get_kb_item("Host/OS/Confidence");
      if (c <= 70) exit(1, "Cannot determine the host's OS with sufficient confidence.");
    }
    if (!os) audit(AUDIT_OS_NOT, "Mac OS X");
    
    match = eregmatch(pattern:"Mac OS X ([0-9]+(\.[0-9]+)+)", string:os);
    if (isnull(match)) exit(1, "Failed to parse the Mac OS X version ('" + os + "').");
    
    version = match[1];
    
    if (
      version !~ "^10\.11([^0-9]|$)"
    ) audit(AUDIT_OS_NOT, "Mac OS X 10.11 or later", "Mac OS X "+version);
    
    fixed_version = "10.11.2";
    if (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)
    {
      if (report_verbosity > 0)
        {
          report = '\n  Installed version : ' + version +
                   '\n  Fixed version     : ' + fixed_version +
                   '\n';
          security_hole(port:0, extra:report);
        }
        else security_hole(0);
        exit(0);
    }
    else exit(0, "The host is not affected since it is running Mac OS X "+version+".");
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-102.NASL
    descriptionThis update fixes the following security issues : - CVE-2015-6908: The ber_get_next function allowed remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd. (bsc#945582) - CVE-2015-4000: Fix weak Diffie-Hellman size vulnerability. (bsc#937766) It also fixes the following non-security bugs : - bsc#955210: Unresponsive LDAP host lookups in IPv6 environment - bsc#904028: Add missing dependency binutils used by %pre.
    last seen2020-06-05
    modified2016-02-03
    plugin id88534
    published2016-02-03
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88534
    titleopenSUSE Security Update : openldap2 (openSUSE-2016-102) (Logjam)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-599.NASL
    descriptionA flaw was found in the way the OpenLDAP server daemon (slapd) parsed certain Basic Encoding Rules (BER) data. A remote attacker could use this flaw to crash slapd via a specially crafted packet. (CVE-2015-6908)
    last seen2020-06-01
    modified2020-06-02
    plugin id86355
    published2015-10-13
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/86355
    titleAmazon Linux AMI : openldap / compat-openldap (ALAS-2015-599)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2742-1.NASL
    descriptionDenis Andzakovic discovered that OpenLDAP incorrectly handled certain BER data. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. (CVE-2015-6908) Dietrich Clauss discovered that the OpenLDAP package incorrectly shipped with a potentially unsafe default access control configuration. Depending on how the database is configure, this may allow users to impersonate others by modifying attributes such as their Unix user and group numbers. (CVE-2014-9713). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id85984
    published2015-09-17
    reporterUbuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85984
    titleUbuntu 12.04 LTS / 14.04 LTS / 15.04 : openldap vulnerabilities (USN-2742-1)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-1840.NASL
    descriptionUpdated openldap packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenLDAP is an open source suite of Lightweight Directory Access Protocol (LDAP) applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. A flaw was found in the way the OpenLDAP server daemon (slapd) parsed certain Basic Encoding Rules (BER) data. A remote attacker could use this flaw to crash slapd via a specially crafted packet. (CVE-2015-6908) All openldap users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id86200
    published2015-09-30
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86200
    titleRHEL 5 / 6 / 7 : openldap (RHSA-2015:1840)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-104.NASL
    descriptionThis update fixes the following security issues : - CVE-2015-6908: The ber_get_next function allowed remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd. (bsc#945582) - CVE-2015-4000: Fix weak Diffie-Hellman size vulnerability. (bsc#937766) It also fixes the following non-security bugs : - bsc#955210: Unresponsive LDAP host lookups in IPv6 environment This update adds the following functionality : - fate#319300: SHA2 password hashing module that can be loaded on-demand. This update was imported from the SUSE:SLE-12:Update update project.
    last seen2020-06-05
    modified2016-02-03
    plugin id88535
    published2016-02-03
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88535
    titleopenSUSE Security Update : openldap2 (openSUSE-2016-104) (Logjam)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2015-1840.NASL
    descriptionFrom Red Hat Security Advisory 2015:1840 : Updated openldap packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenLDAP is an open source suite of Lightweight Directory Access Protocol (LDAP) applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. A flaw was found in the way the OpenLDAP server daemon (slapd) parsed certain Basic Encoding Rules (BER) data. A remote attacker could use this flaw to crash slapd via a specially crafted packet. (CVE-2015-6908) All openldap users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id86199
    published2015-09-30
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86199
    titleOracle Linux 5 / 6 / 7 : openldap (ELSA-2015-1840)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-92.NASL
    descriptionThis update fixes the following security issues : - CVE-2015-6908: The ber_get_next function allowed remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd. (bsc#945582) - CVE-2015-4000: Fix weak Diffie-Hellman size vulnerability. (bsc#937766) It also fixes the following non-security bugs : - bsc#955210: Unresponsive LDAP host lookups in IPv6 environment - bsc#904028: Add missing dependency binutils used by %pre.
    last seen2020-06-05
    modified2016-01-26
    plugin id88165
    published2016-01-26
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88165
    titleopenSUSE Security Update : openldap2 (openSUSE-2016-92) (Logjam)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2015-1840.NASL
    descriptionUpdated openldap packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenLDAP is an open source suite of Lightweight Directory Access Protocol (LDAP) applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. A flaw was found in the way the OpenLDAP server daemon (slapd) parsed certain Basic Encoding Rules (BER) data. A remote attacker could use this flaw to crash slapd via a specially crafted packet. (CVE-2015-6908) All openldap users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id86515
    published2015-10-22
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86515
    titleCentOS 5 / 6 / 7 : openldap (CESA-2015:1840)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2016-0069.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2015-6908 openldap: ber_get_next denial of service vulnerability (#1263170) - fix: syncprov psearch race condition (#999811) - fix: CVE-2013-4449 segfault on certain queries with rwm overlay (#1064146) - fix: do not send IPv6 DNS queries when IPv6 is disabled on the host (#812772) - fix: disable static libraries stripping (#684630) - fix: memory leaks in syncrepl and slap_sl_free (#741184) - new feature update: honor priority/weight with ldap_domain2hostlist (#733435) - fix: initscript marked as %config incorrectly (#738768) - new feature: honor priority/weight with ldap_domain2hostlist (#733435) - fix: strict aliasing warnings during package build (#732381) - fix: OpenLDAP packages lack debug data (#684630) - doc: Document preferred use of TLS_CACERT instead of TLS_CACERTDIR to specify Certificate Authorities (#699652) - fix: libldap ignores a directory of CA certificates if any of them can
    last seen2020-06-01
    modified2020-06-02
    plugin id91749
    published2016-06-22
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91749
    titleOracleVM 3.2 : openldap (OVMSA-2016-0069)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-0224-1.NASL
    descriptionThis update fixes the following security issues : - CVE-2015-6908: The ber_get_next function allowed remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd. (bsc#945582) - CVE-2015-4000: Fix weak Diffie-Hellman size vulnerability. (bsc#937766) It also fixes the following non-security bugs : - bsc#955210: Unresponsive LDAP host lookups in IPv6 environment This update adds the following functionality : - fate#319300: SHA2 password hashing module that can be loaded on-demand. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id88176
    published2016-01-26
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88176
    titleSUSE SLED12 / SLES12 Security Update : openldap2 (SUSE-SU-2016:0224-1) (Logjam)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD2015-008.NASL
    descriptionThe remote host is running a version of Mac OS X 10.9.5 or 10.10.5 that is missing Security Update 2015-005 or 2015-008. It is, therefore, affected by multiple vulnerabilities in the following components : - apache_mod_php - AppSandbox - Bluetooth - CFNetwork HTTPProtocol - Compression - Configuration Profiles - CoreGraphics - CoreMedia Playback - Disk Images - EFI - File Bookmark - Hypervisor - iBooks - ImageIO - Intel Graphics Driver - IOAcceleratorFamily - IOHIDFamily - IOKit SCSI - IOThunderboltFamily - Kernel - kext tools - Keychain Access - libarchive - libc - libexpat - libxml2 - OpenGL - OpenLDAP - OpenSSH - QuickLook - Sandbox - Security - System Integrity Protection Note that successful exploitation of the most serious issues can result in arbitrary code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id87321
    published2015-12-11
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/87321
    titleMac OS X Multiple Vulnerabilities (Security Updates 2015-005 / 2015-008)

Redhat

advisories
bugzilla
id1262393
titleCVE-2015-6908 openldap: ber_get_next denial of service vulnerability
oval
OR
  • commentRed Hat Enterprise Linux must be installed
    ovaloval:com.redhat.rhba:tst:20070304026
  • AND
    • commentRed Hat Enterprise Linux 5 is installed
      ovaloval:com.redhat.rhba:tst:20070331005
    • OR
      • AND
        • commentopenldap-servers-sql is earlier than 0:2.3.43-29.el5_11
          ovaloval:com.redhat.rhsa:tst:20151840001
        • commentopenldap-servers-sql is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20071037010
      • AND
        • commentopenldap-devel is earlier than 0:2.3.43-29.el5_11
          ovaloval:com.redhat.rhsa:tst:20151840003
        • commentopenldap-devel is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20071037002
      • AND
        • commentopenldap-servers is earlier than 0:2.3.43-29.el5_11
          ovaloval:com.redhat.rhsa:tst:20151840005
        • commentopenldap-servers is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20071037008
      • AND
        • commentopenldap-servers-overlays is earlier than 0:2.3.43-29.el5_11
          ovaloval:com.redhat.rhsa:tst:20151840007
        • commentopenldap-servers-overlays is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20100198012
      • AND
        • commentopenldap-clients is earlier than 0:2.3.43-29.el5_11
          ovaloval:com.redhat.rhsa:tst:20151840009
        • commentopenldap-clients is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20071037012
      • AND
        • commentopenldap is earlier than 0:2.3.43-29.el5_11
          ovaloval:com.redhat.rhsa:tst:20151840011
        • commentopenldap is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20071037006
      • AND
        • commentcompat-openldap is earlier than 0:2.3.43_2.2.29-29.el5_11
          ovaloval:com.redhat.rhsa:tst:20151840013
        • commentcompat-openldap is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20071037004
  • AND
    • commentRed Hat Enterprise Linux 6 is installed
      ovaloval:com.redhat.rhba:tst:20111656003
    • OR
      • AND
        • commentopenldap-servers is earlier than 0:2.4.40-6.el6_7
          ovaloval:com.redhat.rhsa:tst:20151840016
        • commentopenldap-servers is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20151292006
      • AND
        • commentopenldap-servers-sql is earlier than 0:2.4.40-6.el6_7
          ovaloval:com.redhat.rhsa:tst:20151840018
        • commentopenldap-servers-sql is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20151292004
      • AND
        • commentopenldap-devel is earlier than 0:2.4.40-6.el6_7
          ovaloval:com.redhat.rhsa:tst:20151840020
        • commentopenldap-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20151292002
      • AND
        • commentopenldap-clients is earlier than 0:2.4.40-6.el6_7
          ovaloval:com.redhat.rhsa:tst:20151840022
        • commentopenldap-clients is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20151292010
      • AND
        • commentopenldap is earlier than 0:2.4.40-6.el6_7
          ovaloval:com.redhat.rhsa:tst:20151840024
        • commentopenldap is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20151292008
  • AND
    • commentRed Hat Enterprise Linux 7 is installed
      ovaloval:com.redhat.rhba:tst:20150364027
    • OR
      • AND
        • commentopenldap-devel is earlier than 0:2.4.39-7.el7_1
          ovaloval:com.redhat.rhsa:tst:20151840027
        • commentopenldap-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20151292002
      • AND
        • commentopenldap-servers-sql is earlier than 0:2.4.39-7.el7_1
          ovaloval:com.redhat.rhsa:tst:20151840028
        • commentopenldap-servers-sql is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20151292004
      • AND
        • commentopenldap-servers is earlier than 0:2.4.39-7.el7_1
          ovaloval:com.redhat.rhsa:tst:20151840029
        • commentopenldap-servers is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20151292006
      • AND
        • commentopenldap-clients is earlier than 0:2.4.39-7.el7_1
          ovaloval:com.redhat.rhsa:tst:20151840030
        • commentopenldap-clients is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20151292010
      • AND
        • commentopenldap is earlier than 0:2.4.39-7.el7_1
          ovaloval:com.redhat.rhsa:tst:20151840031
        • commentopenldap is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20151292008
rhsa
idRHSA-2015:1840
released2015-09-29
severityImportant
titleRHSA-2015:1840: openldap security update (Important)
rpms
  • compat-openldap-0:2.3.43_2.2.29-29.el5_11
  • openldap-0:2.3.43-29.el5_11
  • openldap-0:2.4.39-7.ael7b_1
  • openldap-0:2.4.39-7.el7_1
  • openldap-0:2.4.40-6.el6_7
  • openldap-clients-0:2.3.43-29.el5_11
  • openldap-clients-0:2.4.39-7.ael7b_1
  • openldap-clients-0:2.4.39-7.el7_1
  • openldap-clients-0:2.4.40-6.el6_7
  • openldap-debuginfo-0:2.3.43-29.el5_11
  • openldap-debuginfo-0:2.4.39-7.ael7b_1
  • openldap-debuginfo-0:2.4.39-7.el7_1
  • openldap-debuginfo-0:2.4.40-6.el6_7
  • openldap-devel-0:2.3.43-29.el5_11
  • openldap-devel-0:2.4.39-7.ael7b_1
  • openldap-devel-0:2.4.39-7.el7_1
  • openldap-devel-0:2.4.40-6.el6_7
  • openldap-servers-0:2.3.43-29.el5_11
  • openldap-servers-0:2.4.39-7.ael7b_1
  • openldap-servers-0:2.4.39-7.el7_1
  • openldap-servers-0:2.4.40-6.el6_7
  • openldap-servers-overlays-0:2.3.43-29.el5_11
  • openldap-servers-sql-0:2.3.43-29.el5_11
  • openldap-servers-sql-0:2.4.39-7.ael7b_1
  • openldap-servers-sql-0:2.4.39-7.el7_1
  • openldap-servers-sql-0:2.4.40-6.el6_7