OpenLDAP Anonymous User Object Attribute Deletion Vulnerability

Published: 2002-01-28
Updated: 2002-01-28
Severity: Medium
Threat level: Other
Error type: Access validation error
Exploitation method: Server mode
BUGTRAQ ID: 3947

Affected systems
OpenLDAP OpenLDAP 2.0

Detailed description
OpenLDAP is an open-source implementation of the LDAP protocol.
In OpenLDAP versions 2.0.0 through 2.0.19, when a user tries to remove an attribute by replacing the values of an object in a directory with an empty list, permissions are not checked correctly against the access control lists, so an unprivileged user can remove the attribute this way.
However, because schema checking is still enforced, a user can only remove attributes that the schema does not require the object to possess.

Test code
None yet.

Solution
Red Hat has provided patches:

Red Hat Linux 7.0:
SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/openldap-2.0.21-0.7.1.src.rpm
alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/openldap-2.0.21-0.7.1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/openldap-clients-2.0.21-0.7.1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/openldap-devel-2.0.21-0.7.1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/openldap-servers-2.0.21-0.7.1.alpha.rpm
i386:
ftp://updates.redhat.com/7.0/en/os/i386/openldap-2.0.21-0.7.1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/openldap-clients-2.0.21-0.7.1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/openldap-devel-2.0.21-0.7.1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/openldap-servers-2.0.21-0.7.1.i386.rpm

Red Hat Linux 7.1:
SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/openldap-2.0.21-0.7.1.src.rpm
alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/openldap-2.0.21-0.7.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/openldap-clients-2.0.21-0.7.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/openldap-devel-2.0.21-0.7.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/openldap-servers-2.0.21-0.7.1.alpha.rpm
i386:
ftp://updates.redhat.com/7.1/en/os/i386/openldap-2.0.21-0.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openldap-clients-2.0.21-0.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openldap-devel-2.0.21-0.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/openldap-servers-2.0.21-0.7.1.i386.rpm
ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/openldap-2.0.21-0.7.1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/openldap-clients-2.0.21-0.7.1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/openldap-devel-2.0.21-0.7.1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/openldap-servers-2.0.21-0.7.1.ia64.rpm

Red Hat Linux 7.2:
SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/openldap-2.0.21-1.src.rpm
i386:
ftp://updates.redhat.com/7.2/en/os/i386/openldap-2.0.21-1.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openldap-clients-2.0.21-1.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openldap-devel-2.0.21-1.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/openldap-servers-2.0.21-1.i386.rpm
ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/openldap-2.0.21-1.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/openldap-clients-2.0.21-1.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/openldap-devel-2.0.21-1.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/openldap-servers-2.0.21-1.ia64.rpm

MD5 verification:

HP Secure Linux 1.0 can be fixed with the following patches:

OpenLDAP OpenLDAP 2.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6:
OpenLDAP Upgrade openldap-2.0.21.tgz
ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.0.21.tgz

OpenLDAP OpenLDAP 2.0.7:
Red Hat RPM openldap-2.0.21-0.7.1.alpha.rpm (Fix for 7.1/alpha)
ftp://updates.redhat.com/7.1/en/os/alpha/openldap-2.0.21-0.7.1.alpha.rpm
Red Hat RPM openldap-clients-2.0.21-0.7.1.alpha.rpm (Fix for 7.1/alpha)
ftp://updates.redhat.com/7.1/en/os/alpha/openldap-clients-2.0.21-0.7.1.alpha.rpm
Red Hat RPM openldap-devel-2.0.21-0.7.1.alpha.rpm (Fix for 7.1/alpha)
ftp://updates.redhat.com/7.1/en/os/alpha/openldap-devel-2.0.21-0.7.1.alpha.rpm
Red Hat RPM openldap-servers-2.0.21-0.7.1.alpha.rpm (Fix for 7.1/alpha)
ftp://updates.redhat.com/7.1/en/os/alpha/openldap-servers-2.0.21-0.7.1.alpha.rpm
Red Hat RPM openldap-2.0.21-0.7.1.i386.rpm (Fix for 7.1/i386)
ftp://updates.redhat.com/7.1/en/os/i386/openldap-2.0.21-0.7.1.i386.rpm
Red Hat RPM openldap-clients-2.0.21-0.7.1.i386.rpm (Fix for 7.1/i386)
ftp://updates.redhat.com/7.1/en/os/i386/openldap-clients-2.0.21-0.7.1.i386.rpm
Red Hat RPM openldap-devel-2.0.21-0.7.1.i386.rpm (Fix for 7.1/i386)
ftp://updates.redhat.com/7.1/en/os/i386/openldap-devel-2.0.21-0.7.1.i386.rpm
Red Hat RPM openldap-servers-2.0.21-0.7.1.i386.rpm (Fix for 7.1/i386)
ftp://updates.redhat.com/7.1/en/os/i386/openldap-servers-2.0.21-0.7.1.i386.rpm
Red Hat RPM openldap-2.0.21-0.7.1.ia64.rpm (Fix for 7.1/ia64)
ftp://updates.redhat.com/7.1/en/os/ia64/openldap-2.0.21-0.7.1.ia64.rpm
Red Hat RPM openldap-clients-2.0.21-0.7.1.ia64.rpm (Fix for 7.1/ia64)
ftp://updates.redhat.com/7.1/en/os/ia64/openldap-clients-2.0.21-0.7.1.ia64.rpm
Red Hat RPM openldap-devel-2.0.21-0.7.1.ia64.rpm (Fix for 7.1/ia64)
ftp://updates.redhat.com/7.1/en/os/ia64/openldap-devel-2.0.21-0.7.1.ia64.rpm
Red Hat RPM openldap-servers-2.0.21-0.7.1.ia64.rpm (Fix for 7.1/ia64)
ftp://updates.redhat.com/7.1/en/os/ia64/openldap-servers-2.0.21-0.7.1.ia64.rpm
OpenLDAP Upgrade openldap-2.0.21.tgz
ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.0.21.tgz
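The access-control gap in the detailed description, and the schema check that limits it, shown as a simplified model. This is an added example, not OpenLDAP source code or part of the original advisory; the schema, ACL table, sample entry and all function names are hypothetical, and the placement of the skipped check is an assumption made for illustration.

```python
# Added illustration: a simplified model of an LDAP modify handler, not OpenLDAP source.
# The schema, ACL table and entry below are constructed sample data.
REQUIRED = {"person": {"cn", "sn"}}                  # attributes the schema requires
WRITE_ACL = {"cn=admin,dc=example,dc=com": {"*"}}    # anonymous ("") has no write access
SAMPLE_ENTRY = {"objectClass": ["person"], "cn": ["Alice"], "sn": ["Example"],
                "telephoneNumber": ["555-0100"]}


class AccessDenied(Exception):
    pass


class SchemaViolation(Exception):
    pass


def can_write(bind_dn, attr):
    allowed = WRITE_ACL.get(bind_dn, set())
    return "*" in allowed or attr in allowed


def schema_check(entry):
    # Enforced on every path: the entry must keep every attribute its classes require.
    if not entry.get("objectClass"):
        raise SchemaViolation(["objectClass"])
    for object_class in entry["objectClass"]:
        missing = REQUIRED.get(object_class, set()) - set(entry)
        if missing:
            raise SchemaViolation(sorted(missing))


def modify_replace(entry, bind_dn, attr, values, acl_on_empty=True):
    """Replace attr with values; an empty list removes the attribute.

    acl_on_empty=False models the flaw (assumption: the ACL test is only
    reached when values are supplied); True is the corrected behaviour.
    """
    if (values or acl_on_empty) and not can_write(bind_dn, attr):
        raise AccessDenied(attr)
    updated = {k: list(v) for k, v in entry.items()}
    if values:
        updated[attr] = list(values)
    else:
        updated.pop(attr, None)
    schema_check(updated)
    return updated
```

The corrected path treats a replace with no values as the deletion it is, so the same write permission is required whether or not values are supplied.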