1
PublicDateAtUSN: 2011-03-19
2
Candidate: CVE-2011-1025
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1025
6
http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6661
7
https://usn.ubuntu.com/usn/usn-1100-1
9
bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require
10
authentication for the root Distinguished Name (DN), which allows remote
11
attackers to bypass intended access restrictions via an arbitrary password.
14
jdstrand> code not compiled (requires --enable-ndb)
16
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/742104
17
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=617606
23
vendor: https://rhn.redhat.com/errata/RHSA-2011-0347.html
24
upstream_openldap: needs-triage
27
karmic_openldap: released (2.4.18-0ubuntu1.2)
28
lucid_openldap: released (2.4.21-0ubuntu5.4)
29
maverick_openldap: released (2.4.23-0ubuntu3.5)
30
devel_openldap: released (2.4.23-6ubuntu6)
33
upstream_openldap2.3: needs-triage
34
dapper_openldap2.3: DNE
35
hardy_openldap2.3: not-affected (code not present)
36
karmic_openldap2.3: DNE
37
lucid_openldap2.3: DNE
38
maverick_openldap2.3: DNE
39
devel_openldap2.3: DNE
42
upstream_openldap2.2: needs-triage
43
dapper_openldap2.2: not-affected (code not present)
44
hardy_openldap2.2: DNE
45
karmic_openldap2.2: DNE
46
lucid_openldap2.2: DNE
47
maverick_openldap2.2: DNE
48
devel_openldap2.2: DNE