CVE-2011-1025

bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Distinguished Name (DN), which allows remote attackers to bypass intended access restrictions via an arbitrary password.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.redhat.com/support/errata/RHSA-2011-0347.html
http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-ndb/bind.cpp.diff?r1=1.5&r2=1.8	Patch
http://openwall.com/lists/oss-security/2011/02/24/12
http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6661
http://openwall.com/lists/oss-security/2011/02/25/13
http://secunia.com/advisories/43331	Vendor Advisory
http://www.vupen.com/english/advisories/2011/0665	Vendor Advisory
http://www.openldap.org/lists/openldap-announce/201102/msg00000.html
http://securitytracker.com/id?1025190
https://bugzilla.redhat.com/show_bug.cgi?id=680472	Patch
http://www.mandriva.com/security/advisories?name=MDVSA-2011:056
http://www.ubuntu.com/usn/USN-1100-1
http://secunia.com/advisories/43718
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://security.gentoo.org/glsa/glsa-201406-36.xml

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:openldap:openldap:2.4.7:::::::*
	cpe:2.3:a:openldap:openldap:2.4.6:::::::*
	cpe:2.3:a:openldap:openldap:2.4.15:::::::*
	cpe:2.3:a:openldap:openldap:2.4.20:::::::*
	cpe:2.3:a:openldap:openldap:2.4.22:::::::*
	cpe:2.3:a:openldap:openldap:2.4.8:::::::*
	cpe:2.3:a:openldap:openldap:2.4.17:::::::*
	cpe:2.3:a:openldap:openldap:2.4.14:::::::*
	cpe:2.3:a:openldap:openldap:2.4.13:::::::*
	cpe:2.3:a:openldap:openldap:2.4.12:::::::*
	cpe:2.3:a:openldap:openldap:2.4.11:::::::*
	cpe:2.3:a:openldap:openldap:2.4.9:::::::*
	cpe:2.3:a:openldap:openldap:2.4.16:::::::*
	cpe:2.3:a:openldap:openldap:2.4.18:::::::*
	cpe:2.3:a:openldap:openldap:2.4.23:::::::*
	cpe:2.3:a:openldap:openldap:2.4.19:::::::*
	cpe:2.3:a:openldap:openldap:2.4.21:::::::*
	cpe:2.3:a:openldap:openldap:2.4.10:::::::*

Information

Published : 2011-03-19 19:00

Updated : 2017-01-06 18:59

NVD link : CVE-2011-1025

Mitre link : CVE-2011-1025

JSON object : View

CWE

CWE-287

Improper Authentication

Products Affected

openldap

openldap

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.redhat.com/support/errata/RHSA-2011-0347.html", "name": "RHSA-2011:0347", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-ndb/bind.cpp.diff?r1=1.5&r2=1.8", "name": "http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-ndb/bind.cpp.diff?r1=1.5&r2=1.8", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://openwall.com/lists/oss-security/2011/02/24/12", "name": "[oss-security] 20110224 CVE Request -- OpenLDAP -- two issues", "tags": [], "refsource": "MLIST"}, {"url": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6661", "name": "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6661", "tags": [], "refsource": "CONFIRM"}, {"url": "http://openwall.com/lists/oss-security/2011/02/25/13", "name": "[oss-security] 20110225 Re: CVE Request -- OpenLDAP -- two issue", "tags": [], "refsource": "MLIST"}, {"url": "http://secunia.com/advisories/43331", "name": "43331", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2011/0665", "name": "ADV-2011-0665", "tags": ["Vendor Advisory"], "refsource": "VUPEN"}, {"url": "http://www.openldap.org/lists/openldap-announce/201102/msg00000.html", "name": "[openldap-announce] 20110212 OpenLDAP 2.4.24 available", "tags": [], "refsource": "MLIST"}, {"url": "http://securitytracker.com/id?1025190", "name": "1025190", "tags": [], "refsource": "SECTRACK"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=680472", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=680472", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:056", "name": "MDVSA-2011:056", "tags": [], "refsource": "MANDRIVA"}, {"url": "http://www.ubuntu.com/usn/USN-1100-1", "name": "USN-1100-1", "tags": [], "refsource": "UBUNTU"}, {"url": "http://secunia.com/advisories/43718", "name": "43718", "tags": [], "refsource": "SECUNIA"}, {"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", "tags": [], "refsource": "CONFIRM"}, {"url": "http://security.gentoo.org/glsa/glsa-201406-36.xml", "name": "GLSA-201406-36", "tags": [], "refsource": "GENTOO"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Distinguished Name (DN), which allows remote attackers to bypass intended access restrictions via an arbitrary password."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-287"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2011-1025", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2011-03-20T02:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.4.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.4.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.4.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.4.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.4.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.4.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.4.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.4.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.4.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.4.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.4.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.4.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.4.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.4.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.4.23:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.4.19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.4.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.4.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-01-07T02:59Z"}

6.8 /10