openldap security update
FTP access is not possible from a web browser.
Document number: 1129822850
Updated: 2005.10.21
Details
nss_ldap package newly added
CAN-2004-0823:
OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5
and possibly other operating systems, may allow certain authentication
schemes to use hashed (crypt) passwords in the userPassword attribute
as if they were plaintext passwords, which allows remote attackers to
re-use hashed passwords without decrypting them.
CAN-2005-2069:
pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave
using TLS, does not use TLS for the subsequent connection if the client
is referred to a master, which may cause a password to be sent in
cleartext and allows remote attackers to sniff the password.
Autoupdates support: Packages System
pkgadd -F openldap*
Updated packages
RPMS :
. openldap-2.0.27-20.i686.rpm
. openldap-devel-2.0.27-20.i686.rpm
. openldap-clients-2.0.27-20.i686.rpm
. openldap-servers-2.0.27-20.i686.rpm
. nss_ldap-207-17.i686.rpm
SRPMS :
. nss_ldap-207-17.src.rpm
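
An added example, not part of the original advisory: a shell check that compares installed package builds against the fixed builds listed above. It assumes the host can report packages in `rpm` query format and that GNU `sort -V` ordering is close enough to RPM's own comparison for these version strings; the sample inventory is constructed.

```shell
#!/bin/sh
# Fixed builds from the advisory's RPMS list, as "name version-release".
FIXED="openldap 2.0.27-20
openldap-devel 2.0.27-20
openldap-clients 2.0.27-20
openldap-servers 2.0.27-20
nss_ldap 207-17"

# ver_lt A B: succeeds when A sorts strictly before B.
# GNU sort -V approximates RPM's version ordering (assumption).
ver_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# check_pkg NAME VER-REL: 0 = at or above the advisory build,
# 1 = older than it, 2 = package not listed in the advisory.
check_pkg() {
    want=$(printf '%s\n' "$FIXED" | awk -v n="$1" '$1 == n { print $2 }')
    [ -n "$want" ] || return 2
    if ver_lt "$2" "$want"; then return 1; fi
    return 0
}

# audit: reads "name version-release" lines on stdin, for example from
#   rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' openldap nss_ldap
# Returns 1 if any listed package is older than the advisory build.
audit() {
    rc=0
    while read -r name vr; do
        st=0
        check_pkg "$name" "$vr" || st=$?
        case $st in
            0) echo "OK       $name $vr" ;;
            1) echo "OUTDATED $name $vr (advisory build: $want)"; rc=1 ;;
            2) echo "SKIP     $name (not listed in the advisory)" ;;
        esac
    done
    return $rc
}

# Constructed sample inventory, not taken from a real host.
SAMPLE="openldap 2.0.27-20
openldap-clients 2.0.25-2
nss_ldap 207-16
bash 3.0-1"
printf '%s\n' "$SAMPLE" | audit || true
```
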
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0823
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2069