===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2010.0661
            New openldap packages fix potential code execution
                               30 July 2010

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           openldap
Publisher:         Debian
Operating System:  Debian GNU/Linux 5
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2010-0212 CVE-2010-0211 

Reference:         ASB-2010.0173

Original Bulletin: 
   http://www.debian.org/security/2010/dsa-2077

---------------------------BEGIN INCLUDED TEXT--------------------

------------------------------------------------------------------------
Debian Security Advisory DSA-2077-1                  security@debian.org
http://www.debian.org/security/                           Florian Weimer
July 29, 2010                         http://www.debian.org/security/faq
------------------------------------------------------------------------

Package        : openldap
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2010-0211 CVE-2010-0212

Two remote vulnerabilities have been discovered in OpenLDAP.  The
Common Vulnerabilities and Exposures project identifies the following
problems:

CVE-2010-0211

    The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does
    not check the return value of a call to the smr_normalize
    function, which allows remote attackers to cause a denial of
    service (segmentation fault) and possibly execute arbitrary code
    via a modrdn call with an RDN string containing invalid UTF-8
    sequences.

CVE-2010-0212

    OpenLDAP 2.4.22 allows remote attackers to cause a denial of
    service (crash) via a modrdn call with a zero-length RDN
    destination string.
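As an added illustration of the pattern behind both CVEs (this is not OpenLDAP or Debian code), the model below has a normaliser that can fail on an empty or malformed RDN and a caller that checks the status before touching the result; utf8_valid, normalize_rdn and modrdn_newrdn_len are hypothetical names standing in for slapd's own normalisation path.

```c
/* Added example, not OpenLDAP code: utf8_valid() and normalize_rdn() are
 * hypothetical stand-ins for slapd's value normalisation. */
#include <stdlib.h>
#include <string.h>

enum { RDN_OK = 0, RDN_EMPTY = 1, RDN_BAD_UTF8 = 2, RDN_NOMEM = 3 };

/* Return 1 if s[0..len) is well-formed UTF-8, else 0.  Rejects truncated
 * sequences, overlong encodings, surrogates and code points > U+10FFFF. */
static int utf8_valid(const unsigned char *s, size_t len)
{
    size_t i = 0;
    while (i < len) {
        unsigned char c = s[i];
        unsigned int cp; size_t n, k;
        if (c < 0x80) { i++; continue; }
        if ((c & 0xE0) == 0xC0) { n = 1; cp = c & 0x1F; if (c < 0xC2) return 0; }
        else if ((c & 0xF0) == 0xE0) { n = 2; cp = c & 0x0F; }
        else if ((c & 0xF8) == 0xF0) { n = 3; cp = c & 0x07; if (c > 0xF4) return 0; }
        else return 0;                              /* stray continuation or 0xF8+ */
        if (i + n >= len) return 0;                 /* truncated sequence */
        for (k = 1; k <= n; k++) {
            if ((s[i + k] & 0xC0) != 0x80) return 0;
            cp = (cp << 6) | (s[i + k] & 0x3F);
        }
        if ((n == 2 && cp < 0x800) || (n == 3 && cp < 0x10000)) return 0; /* overlong */
        if ((cp >= 0xD800 && cp <= 0xDFFF) || cp > 0x10FFFF) return 0;
        i += n + 1;
    }
    return 1;
}

/* Hypothetical normaliser: rejects an empty or malformed RDN, else stores a lower-cased copy in *out. */
static int normalize_rdn(const char *rdn, char **out)
{
    size_t len = strlen(rdn), i;
    *out = NULL;                                    /* on error the result stays NULL */
    if (len == 0) return RDN_EMPTY;                 /* the CVE-2010-0212 input */
    if (!utf8_valid((const unsigned char *)rdn, len)) return RDN_BAD_UTF8; /* CVE-2010-0211 input */
    if ((*out = malloc(len + 1)) == NULL) return RDN_NOMEM;
    for (i = 0; i <= len; i++)
        (*out)[i] = (rdn[i] >= 'A' && rdn[i] <= 'Z') ? rdn[i] + 32 : rdn[i];
    return RDN_OK;
}

/* Hardened caller: returns the normalised length, or the negated error code.
 * Using norm without the rc check is the NULL dereference the advisory describes. */
static long modrdn_newrdn_len(const char *newrdn)
{
    char *norm; long len;
    int rc = normalize_rdn(newrdn, &norm);
    if (rc != RDN_OK) return -rc;
    len = (long)strlen(norm);
    free(norm);
    return len;
}
```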

For the stable distribution (lenny), these problems have been fixed in
version 2.4.11-1+lenny2.  (The missing update for the mips
architecture will be provided soon.)

For the unstable distribution (sid), these problems have been fixed in
version 2.4.23-1.

We recommend that you upgrade your openldap packages.

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 5.0 alias lenny
--------------------------------

Source archives:

  http://security.debian.org/pool/updates/main/o/openldap/openldap_2.4.11-1+lenny2.dsc
    Size/MD5 checksum:     1831 afe836285d70b3d51b50d06658b7cc22
  http://security.debian.org/pool/updates/main/o/openldap/openldap_2.4.11.orig.tar.gz
    Size/MD5 checksum:  4193523 d4e8669e2c9b8d981e371e97e3cf92d9
  http://security.debian.org/pool/updates/main/o/openldap/openldap_2.4.11-1+lenny2.diff.gz
    Size/MD5 checksum:   149276 e9668ba9648e3e1f306a97c6cc77d5a3


  These files will probably be moved into the stable distribution on
  its next update.

---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

---------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================