The CERT advisory lists a number of vulnerabilities in various LDAP implementations, based on the results of the PROTOS LDAPv3 test suite. These tests found one problem in OpenLDAP, a free LDAP implementation which is shipped as part of Debian GNU/Linux 2.2. The problem is that slapd did not handle packets which had BER fields of invalid length and would crash if it received them. An attacker could use this to mount a remote denial of service attack. This problem has been fixed in version 1.2.12-1, and we recommend that you upgrade your slapd package immediately.
The problem is that slapd
did not handle packets which had
BER fields of invalid length and would crash if it received them.
An attacker could use this to mount a remote denial of service attack.
This problem has been fixed in version 1.2.12-1, and we recommend
that you upgrade your slapd
package immediately.
MD5 checksums of the listed files are available in the original advisory.