Upstream information

CVE-2008-0658 at MITRE

Description

slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 4
Vector AV:N/AC:L/Au:S/C:N/I:N/A:P
Access Vector Network
Access Complexity Low
Authentication Single
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
SUSE Bugzilla entry: 357919 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
Novell Linux Desktop 9 for x86
Open Enterprise Server
  • openldap2 >= 2.2.24-4.25
  • openldap2-back-ldap >= 2.2.24-4.25
  • openldap2-back-meta >= 2.2.24-4.25
  • openldap2-back-monitor >= 2.2.24-4.25
  • openldap2-back-perl >= 2.2.24-4.25
  • openldap2-client >= 2.2.24-4.25
  • openldap2-devel >= 2.2.24-4.25
core9.s390
sles10.x86
core9.ppc
core9.x86-64
sles10.s390x
sled10.x86
sles10.x86-64
sles9-nlpos.x86
core9.s390x
sled10.x86-64
sles10.ia64
sles10.ia64
sles9-nld.x86-64
sles10.s390x
core9.x86
sles10.ppc
sles10.x86-64
sles9-nld.x86
sles10.ppc
core9.ia64
sles9-oes.x86
sles10.x86
ZYPP Patch Nr: 4989
Novell Linux Desktop 9 for x86_64
  • openldap2 >= 2.2.24-4.25
  • openldap2-back-ldap >= 2.2.24-4.25
  • openldap2-back-meta >= 2.2.24-4.25
  • openldap2-back-monitor >= 2.2.24-4.25
  • openldap2-back-perl >= 2.2.24-4.25
  • openldap2-client >= 2.2.24-4.25
  • openldap2-client-32bit >= 9-200802110138
  • openldap2-devel >= 2.2.24-4.25
  • openldap2-devel-32bit >= 9-200802110138
core9.s390
sles10.x86
core9.ppc
core9.x86-64
sles10.s390x
sled10.x86
sles10.x86-64
sles9-nlpos.x86
core9.s390x
sled10.x86-64
sles10.ia64
sles10.ia64
sles9-nld.x86-64
sles10.s390x
core9.x86
sles10.ppc
sles10.x86-64
sles9-nld.x86
sles10.ppc
core9.ia64
sles9-oes.x86
sles10.x86
ZYPP Patch Nr: 4989
SUSE LINUX 10.1
  • openldap2 >= 2.3.19-18.18
  • openldap2-back-meta >= 2.3.19-18.18
  • openldap2-back-perl >= 2.3.19-18.18
  • openldap2-devel >= 2.3.19-18.16
  • openldap2-devel-32bit >= 2.3.19-18.16
  • openldap2-devel-64bit >= 2.3.19-18.16