Debian Linux Security Advisory 5140-1 - Jacek Konieczny discovered a SQL injection vulnerability in the back-sql backend to slapd in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol, allowing an attacker to alter the database during an LDAP search operations when a specially crafted search filter is processed.
9897ab545bd716606e3e6dc857fdce950165ee9eb718713839521fe2b0e5c7acUbuntu Security Notice 5424-2 - USN-5424-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database.
0e0e7d427185a4265212e9573a0d260655e14290d1cec821dc663cfb8913d341Ubuntu Security Notice 5424-1 - It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database.
622b2eaedb770c0fbeedd05eb4c12c43e234131acf0a55523407bb64c0dc2e6d
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed