A flaw in OpenLDAP allows remote unauthenticated attackers to cause a Denial of Service.
|Package||net-nds/openldap on all architectures|
|Affected versions||< 2.3.27-r3|
|Unaffected versions||>= 2.3.27-r3, revision >= 2.2.28-r5, revision >= 2.1.30-r8|
OpenLDAP is a suite of LDAP-related applications and development tools.
Evgeny Legerov has discovered that the truncation of an incoming authcid longer than 255 characters and ending with a space as the 255th character will lead to an improperly computed name length. This will trigger an assert in the libldap code.
By sending a BIND request with a specially crafted authcid parameter to an OpenLDAP service, a remote attacker can cause the service to crash.
There is no known workaround at this time.
All OpenLDAP users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose "net-nds/openldap"
November 28, 2006
November 28, 2006: 01