The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of OpenLDAP: denial of service via attrsOnly

Synthesis of the vulnerability 

An attacker can use a query on attributes only, in order to stop the slapd service.
Vulnerable software: Mac OS X, Mandriva Linux, OpenLDAP, RHEL, Ubuntu.
Severity of this announce: 2/4.
Creation date: 12/03/2012.
Références of this computer vulnerability: BID-52404, CERTA-2012-AVI-147, CVE-2012-1164, HT210788, MDVSA-2012:130, RHSA-2012:0899-04, USN-2622-1, VIGILANCE-VUL-11425.

Description of the vulnerability 

The "Translucent Proxy" feature of OpenLDAP is used to create a proxy where attributes of the remote server can be modified before being returned to the client.

However, in this configuration, if the client only queries attribute names (ldapsearch -A), without requesting values of attributes, an assertion error occurs in the attr_dup2() function of the servers/slapd/attr.c file.

An attacker can therefore use a query on attributes only, in order to stop the slapd service.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This threat impacts software or systems such as Mac OS X, Mandriva Linux, OpenLDAP, RHEL, Ubuntu.

Our Vigil@nce team determined that the severity of this computer threat is medium.

The trust level is of type confirmed by the editor, with an origin of intranet client.

An attacker with a expert ability can exploit this cybersecurity bulletin.

Solutions for this threat 

OpenLDAP: version 2.4.30.
The version 2.4.30 is corrected:
  http://www.openldap.org/

OpenLDAP: patch for attrsOnly.
A patch is available:
  http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=ef2f5263de8802794e528cc2648ecfca369302ae
  http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=430256fafb85028443d7964a5ab1f4bbf8b2db38
  http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=463c1fa25d45e393dc1f1ea235286f79e872fad0

Apple macOS: version 10.13.6-2019-007.
The version 10.13.6-2019-007 is fixed:
  https://support.apple.com/

Apple macOS: version 10.14.6-2019-002.
The version 10.14.6-2019-002 is fixed:
  https://support.apple.com/

Apple macOS: version 10.15.2.
The version 10.15.2 is fixed:
  https://support.apple.com/

Mandriva: new openldap packages.
New packages are available:
  openldap-2.4.25-5.1-mdv2011.0
  openldap-2.4.11-3.5mdvmes5.2

RHEL 6: new openldap packages.
New packages are available:
  openldap-2.4.23-26.el6

Ubuntu: new slapd packages.
New packages are available:
  Ubuntu 15.04: slapd 2.4.31-1+nmu2ubuntu12.1
  Ubuntu 14.10: slapd 2.4.31-1+nmu2ubuntu11.1
  Ubuntu 14.04 LTS: slapd 2.4.31-1+nmu2ubuntu8.1
  Ubuntu 12.04 LTS: slapd 2.4.28-1.1ubuntu4.5
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides a cybersecurity watch. The Vigil@nce vulnerability database contains several thousand vulnerabilities.