(Apple Issues Fix) OpenLDAP ber_get_next() Bug Lets Remote Users Deny Service
SecurityTracker Alert ID: 1020592
SecurityTracker URL: http://securitytracker.com/id/1020592
CVE Reference: CVE-2008-2952
Date: Aug 1 2008
Impact:
Denial of service via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 2.3.39 (stable)
Description:
A vulnerability was reported in OpenLDAP. A remote user can cause denial of service conditions.
A remote user can send specially crafted data to trigger a flaw in the decoding of ASN.1 BER network datagrams and cause the target service to crash.
A specially crafted BerElement size value can trigger this flaw.
The vulnerability resides in the ber_get_next() function in 'libraries/liblber/io.c'.
Cameron Hotchkies reported this vulnerability.
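The flaw class described above, a BER length field that a decoder trusts before checking it against the datagram it arrived in, can be illustrated with a defensively written header decoder that rejects truncated, indefinite or oversized lengths instead of asserting on them. This is an added example written for this entry, not OpenLDAP's liblber code; BER_MAX_LEN, ber_decode_header and ber_content_len are names chosen here, and the sample messages are constructed.

```c
#include <stddef.h>
#include <stdio.h>
/* Upper bound on accepted content length (assumed value; a real decoder
 * sizes this to the buffer it is reading into). */
#define BER_MAX_LEN (1u << 20)
/* Decode one BER tag+length header from buf[0..buflen). Returns 0 and fills
 * tag, len (content length) and hdrlen; returns -1 for truncated, indefinite,
 * oversized or malformed headers instead of trusting or asserting on the size. */
int ber_decode_header(const unsigned char *buf, size_t buflen,
                      unsigned char *tag, size_t *len, size_t *hdrlen)
{
    size_t i = 0, v = 0;
    if (buflen < 2)
        return -1;                  /* need at least tag + length octet */
    *tag = buf[i++];
    if ((*tag & 0x1f) == 0x1f)
        return -1;                  /* multi-octet tags not handled here */
    unsigned char l = buf[i++];
    if (l < 0x80) {
        v = l;                      /* short form: the octet is the length */
    } else {
        size_t nbytes = l & 0x7f;
        if (nbytes == 0 || nbytes > sizeof(size_t))
            return -1;              /* indefinite form or absurd length-of-length */
        if (buflen - i < nbytes)
            return -1;              /* length octets themselves are truncated */
        while (nbytes--)
            v = (v << 8) | buf[i++];
    }
    if (v > BER_MAX_LEN || v > buflen - i)
        return -1;                  /* crafted size: refuse before allocating */
    *len = v;
    *hdrlen = i;
    return 0;
}
/* Decoded content length, or -1 when the header is rejected. */
long ber_content_len(const unsigned char *buf, size_t buflen)
{
    unsigned char tag; size_t len, hdr;
    return ber_decode_header(buf, buflen, &tag, &len, &hdr) == 0 ? (long)len : -1;
}
int main(void)
{   /* Constructed samples: a well-formed SEQUENCE and one with a crafted length. */
    const unsigned char good[] = {0x30, 0x03, 0x02, 0x01, 0x05};
    const unsigned char huge[] = {0x30, 0x84, 0xff, 0xff, 0xff, 0xff};
    printf("good -> %ld, crafted -> %ld\n", ber_content_len(good, sizeof good),
           ber_content_len(huge, sizeof huge));
    return 0;
}
```

The point of the check is ordering: the length is compared against both a policy cap and the bytes actually present before any allocation or assertion depends on it.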
Impact:
A remote user can cause the LDAP service to crash.
Solution:
Apple has issued a fix (Security Update 2008-005), which can be downloaded and installed via Software Update preferences, or from Apple Downloads at:
http://www.apple.com/support/downloads/
The Apple advisory is available at:
http://support.apple.com/kb/HT2647
Vendor URL: www.openldap.org/its/index.cgi/Software%20Bugs?id=5580
Cause:
Boundary error
Underlying OS:
UNIX (OS X)
Message History:
This archive entry is a follow-up to the message listed below.
Source Message Contents
Date: Thu, 31 Jul 2008 22:49:11 -0400
Subject: Apple
http://support.apple.com/kb/HT2647
Security Update 2008-005
OpenLDAP
CVE-ID: CVE-2008-2952
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.4, Mac OS X Server v10.5.4
Impact: A remote attacker may be able to cause an unexpected application termination
Description: An issue exists in OpenLDAP's ASN.1 BER decoding. Processing a maliciously crafted LDAP message may trigger an assertion and lead to an unexpected application termination of the OpenLDAP daemon, slapd. This update addresses the issue