CVE-2006-5779
OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure.
| Software | From | Fixed in |
|---|---|---|
| openldap / openldap | - | 2.3.29 |
| canonical / ubuntu_linux | 6.10 | 6.10.x |
| canonical / ubuntu_linux | 5.10 | 5.10.x |
| canonical / ubuntu_linux | 6.06 | 6.06.x |
- http://gleg.net/downloads/VULNDISCO_META_FREE.tar.gz
- http://gleg.net/vulndisco_meta.shtml
- http://secunia.com/advisories/22750
- http://secunia.com/advisories/22953
- http://secunia.com/advisories/22996
- http://secunia.com/advisories/23125
- http://secunia.com/advisories/23133
- http://secunia.com/advisories/23152
- http://secunia.com/advisories/23170
- http://security.gentoo.org/glsa/glsa-200611-25.xml
- http://securityreason.com/securityalert/1831
- http://securitytracker.com/id?1017166
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:208
- http://www.novell.com/linux/security/advisories/2006_72_openldap2.html
- http://www.openldap.org/its/index.cgi/Software%20Bugs?id=4740
- http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.033-openldap.html
- http://www.securityfocus.com/archive/1/450728/100/0/threaded
- http://www.securityfocus.com/bid/20939
- http://www.trustix.org/errata/2006/0066/
- http://www.ubuntu.com/usn/usn-384-1
- http://www.vupen.com/english/advisories/2006/4379
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30076
- https://issues.rpath.com/browse/RPL-820
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime