OpenLDAP 2 (OpenLDAP2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges. As documented in ldap.conf(5), libldap looks for per-user configuration in ldaprc and .ldaprc under the user's home directory and in ldaprc in the current working directory, so a user who controls any of those files can feed LDAP client settings to a privileged (for example set-uid) program linked against the library.
This vulnerability was first announced in a SuSE security advisory.
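The following is an added illustration, not code from OpenLDAP or from the advisory: it models the per-user rc file search order that ldap.conf(5) documents (ldaprc and .ldaprc in $HOME, then ldaprc in the working directory, repeated for the basename in the LDAPRC environment variable) and the privilege check a library should apply before honouring any of those files. The function names rc_candidates and user_rc_allowed are hypothetical; the point is that a process whose effective ids differ from its real ids must not read configuration from locations an unprivileged user controls.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>

#define MAX_RC 8          /* upper bound on candidate paths reported */
#define PATH_MAX_LEN 1024 /* per-path buffer size */

/*
 * Build the list of per-user rc files in the order ldap.conf(5) documents:
 * $HOME/ldaprc, $HOME/.ldaprc, ./ldaprc, and the same three locations again
 * for the basename given in LDAPRC (if set). Returns the number of entries
 * written to out[]. This mirrors the documented lookup; it is not libldap.
 */
static int rc_candidates(const char *home, const char *cwd, const char *ldaprc_env,
                         char out[][PATH_MAX_LEN], int max)
{
    int n = 0;
    const char *names[2] = { "ldaprc", ldaprc_env };

    for (int i = 0; i < 2 && n < max; i++) {
        const char *name = names[i];
        if (name == NULL || *name == '\0')
            continue;
        if (home && *home) {
            snprintf(out[n++], PATH_MAX_LEN, "%s/%s", home, name);
            if (n < max)
                snprintf(out[n++], PATH_MAX_LEN, "%s/.%s", home, name);
        }
        if (cwd && *cwd && n < max)
            snprintf(out[n++], PATH_MAX_LEN, "%s/%s", cwd, name);
    }
    return n;
}

/*
 * Hardening check: user-controlled rc files may only be honoured when the
 * process runs with the real user's own privileges. A set-uid or set-gid
 * program (effective ids differ from real ids) must skip them entirely.
 */
static int user_rc_allowed(uid_t uid, uid_t euid, gid_t gid, gid_t egid)
{
    return uid == euid && gid == egid;
}

/* Same check for the running process. */
static int user_rc_allowed_now(void)
{
    return user_rc_allowed(getuid(), geteuid(), getgid(), getegid());
}

int main(void)
{
    char paths[MAX_RC][PATH_MAX_LEN];
    char cwd[PATH_MAX_LEN];
    const char *home = getenv("HOME");

    if (getcwd(cwd, sizeof cwd) == NULL)
        cwd[0] = '\0';

    int n = rc_candidates(home, cwd, getenv("LDAPRC"), paths, MAX_RC);
    printf("per-user rc files %s for this process\n",
           user_rc_allowed_now() ? "would be read"
                                 : "must be skipped (set-uid/set-gid)");
    for (int i = 0; i < n; i++)
        printf("  candidate: %s\n", paths[i]);
    return 0;
}
```

Run the binary normally and it lists the files an unprivileged run would consult; install it set-uid to another user and the same run reports that they must be skipped. Auditing a system for this class of bug comes down to the same two questions: which set-uid or set-gid executables link libldap, and whether the directory they start in or the invoking user's home directory is writable by someone else.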

Affected program versions
Sun Linux 5.0.7
SGI ProPack 2.3
SGI ProPack 2.2.1
RedHat Advanced Workstation for the Itanium Processor 2.1
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux AS 2.1
OpenLDAP OpenLDAP 2.0.25
  + Conectiva Linux 8.0
  + Gentoo Linux 1.4 _rc1
  + Gentoo Linux 1.2
  + Mandriva Linux Mandrake 9.0
  + RedHat Linux 8.0 i386
  + RedHat Linux 8.0
OpenLDAP OpenLDAP 2.0.23
  + Debian Linux 3.0 sparc
  + Debian Linux 3.0 s/390
  + Debian Linux 3.0 ppc
  + Debian Linux 3.0 mipsel
  + Debian Linux 3.0 mips
  + Debian Linux 3.0 m68k
  + Debian Linux 3.0 ia-64
  + Debian Linux 3.0 ia-32
  + Debian Linux 3.0 hppa
  + Debian Linux 3.0 arm
  + Debian Linux 3.0 alpha
  + Debian Linux 3.0
  + RedHat Linux 7.3 i386
  + RedHat Linux 7.3
  + S.u.S.E. Linux 8.0
OpenLDAP OpenLDAP 2.0.22
OpenLDAP OpenLDAP 2.0.21
  + Conectiva Linux 7.0
  + Conectiva Linux 6.0
  + Mandriva Linux Mandrake 8.2 ppc
  + Mandriva Linux Mandrake 8.2
OpenLDAP OpenLDAP 2.0.20
OpenLDAP OpenLDAP 2.0.19
  + Conectiva Linux 7.0
  + Conectiva Linux 6.0
OpenLDAP OpenLDAP 2.0.18
  - Conectiva Linux 7.0
  - Conectiva Linux 6.0
OpenLDAP OpenLDAP 2.0.17
  - Conectiva Linux 7.0
  - Conectiva Linux 6.0
OpenLDAP OpenLDAP 2.0.16
OpenLDAP OpenLDAP 2.0.15
  - Conectiva Linux 7.0
  - Conectiva Linux 6.0
OpenLDAP OpenLDAP 2.0.14
  + Mandriva Linux Mandrake 8.1 ia64
  + Mandriva Linux Mandrake 8.1
  + Mandriva Linux Mandrake 8.0 ppc
  + Mandriva Linux Mandrake 8.0
OpenLDAP OpenLDAP 2.0.13
OpenLDAP OpenLDAP 2.0.12
  + S.u.S.E. Linux 7.3 sparc
  + S.u.S.E. Linux 7.3 ppc
  + S.u.S.E. Linux 7.3
OpenLDAP OpenLDAP 2.0.11 -9
  + Caldera OpenLinux Server 3.1.1
  + Caldera OpenLinux Workstation 3.1.1
OpenLDAP OpenLDAP 2.0.11 -11S
  - Caldera OpenLinux eBuilder 3.0
  - SCO eServer 2.3.1
OpenLDAP OpenLDAP 2.0.11 -11
  - Caldera OpenLinux 3.1 -IA64
  - Caldera OpenLinux Server 3.1.1
  - Caldera OpenLinux Server 3.1
  - Caldera OpenLinux Workstation 3.1.1
  - Caldera OpenLinux Workstation 3.1
OpenLDAP OpenLDAP 2.0.11
  + Caldera OpenLinux Server 3.1.1
  + Caldera OpenLinux Workstation 3.1.1
  + Conectiva Linux 7.0
  + Conectiva Linux 6.0
  + HP Secure OS software for Linux 1.0
  + RedHat Linux 7.2 ia64
  + RedHat Linux 7.2 i386
  + RedHat Linux 7.2 alpha
  + RedHat Linux 7.2
  + RedHat Linux 7.1 ia64
  + RedHat Linux 7.1 i386
  + RedHat Linux 7.1
  + S.u.S.E. Linux 7.2
  + S.u.S.E. Linux 7.1 sparc
  + S.u.S.E. Linux 7.1 ppc
  + S.u.S.E. Linux 7.1 alpha
  + S.u.S.E. Linux 7.1
OpenLDAP OpenLDAP 2.0.10
OpenLDAP OpenLDAP 2.0.9
OpenLDAP OpenLDAP 2.0.8
OpenLDAP OpenLDAP 2.0.7
  + Caldera OpenLinux 3.1 -IA64
  + Caldera OpenLinux eBuilder 3.0
  + Caldera OpenLinux Server 3.1
  + Caldera OpenLinux Workstation 3.1
  + HP Secure OS software for Linux 1.0
  + Mandriva Linux Mandrake 8.0 ppc
  + Mandriva Linux Mandrake 8.0
  + RedHat Linux 7.1 ia64
  + RedHat Linux 7.1 i386
  + RedHat Linux 7.1 alpha
  + RedHat Linux 7.1
  + SCO eServer 2.3.1
OpenLDAP OpenLDAP 2.0.6
OpenLDAP OpenLDAP 2.0.5
OpenLDAP OpenLDAP 2.0.4
OpenLDAP OpenLDAP 2.0.3
OpenLDAP OpenLDAP 2.0.2
OpenLDAP OpenLDAP 2.0.1
OpenLDAP OpenLDAP 2.0
  - Caldera OpenLinux eBuilder 3.0
  - SCO eDesktop 2.4
  - SCO eServer 2.3
OpenLDAP OpenLDAP 1.2.13
  + Trustix Secure Linux 1.5
  + Trustix Secure Linux 1.2
  + Trustix Secure Linux 1.1
OpenLDAP OpenLDAP 1.2.12
OpenLDAP OpenLDAP 1.2.11
  - Debian Linux 2.2 sparc
  - Debian Linux 2.2 powerpc
  - Debian Linux 2.2 arm
  - Debian Linux 2.2 alpha
  - Debian Linux 2.2 68k
  - Debian Linux 2.2
  + RedHat Linux 7.0 i386
  + RedHat Linux 7.0
OpenLDAP OpenLDAP 1.2.10
OpenLDAP OpenLDAP 1.2.9
  + Red Hat Linux 6.2
  + RedHat Linux 6.2 i386

Discussion
Several vulnerabilities have been reported for OpenLDAP that may result in arbitrary code execution. These vulnerabilities are likely in the form of buffer overflows.
Precise technical details about the nature of the vulnerabilities are currently unknown. This BID will be updated as more information becomes available.

Exploit
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

Solution
Sun has released fixes to address this vulnerability in Sun Linux 5.0.7. Users who are affected by this issue are advised to apply the relevant fixes as soon as possible. Please see the Sun reference (Sun Linux Support - Sun Linux Patches (Sun)) for further details on obtaining and applying the appropriate fixes.
Gentoo Linux has released an advisory. Users who have installed net-nds/openldap-2.0.25-r2 are advised to update their systems by issuing the following commands:
    emerge rsync
    emerge openldap
    emerge clean
Debian has released an advisory (DSA 227-1) which addresses this issue. Users should refer to the attached advisory for details on obtaining and applying fixes.
Trustix Secure Linux has released an advisory (TSLSA-2003-0002) which addresses this and other OpenLDAP issues. Users are advised to upgrade as soon as possible.
Red Hat has released an advisory (RHSA-2002:312) containing fixes to address this issue in Enterprise Linux and Linux Advanced Workstation. Fixes for these releases are only available through the Red Hat Network, and can be obtained using the following link:
http://rhn.redhat.com/
SGI has released an advisory (20031002-01-U) pertaining to their ProPack Linux distribution. The advisory was released in response to a number of RHSA advisories, and includes a patch (Patch 10027) containing updated RPM packages relating to 22 different BIDs.
Patch 10027 can be obtained via the following link:
http://support.sgi.com/
For information regarding how to obtain individual RPM packages included in Patch 10027, please see the attached advisory.