CVE-2006-5779
First published: Tue Nov 07 2006(Updated: )
OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| OpenLDAP | <=2.3.28 | |
| OpenLDAP | =1.0 | |
| OpenLDAP | =1.0.1 | |
| OpenLDAP | =1.0.2 | |
| OpenLDAP | =1.0.3 | |
| OpenLDAP | =1.1 | |
| OpenLDAP | =1.1.0 | |
| OpenLDAP | =1.1.1 | |
| OpenLDAP | =1.1.2 | |
| OpenLDAP | =1.1.3 | |
| OpenLDAP | =1.1.4 | |
| OpenLDAP | =1.2 | |
| OpenLDAP | =1.2.0 | |
| OpenLDAP | =1.2.1 | |
| OpenLDAP | =1.2.2 | |
| OpenLDAP | =1.2.3 | |
| OpenLDAP | =1.2.4 | |
| OpenLDAP | =1.2.5 | |
| OpenLDAP | =1.2.6 | |
| OpenLDAP | =1.2.7 | |
| OpenLDAP | =1.2.8 | |
| OpenLDAP | =1.2.9 | |
| OpenLDAP | =1.2.10 | |
| OpenLDAP | =1.2.11 | |
| OpenLDAP | =1.2.12 | |
| OpenLDAP | =1.2.13 | |
| OpenLDAP | =2.0 | |
| OpenLDAP | =2.0.0 | |
| OpenLDAP | =2.0.1 | |
| OpenLDAP | =2.0.2 | |
| OpenLDAP | =2.0.3 | |
| OpenLDAP | =2.0.4 | |
| OpenLDAP | =2.0.5 | |
| OpenLDAP | =2.0.6 | |
| OpenLDAP | =2.0.7 | |
| OpenLDAP | =2.0.8 | |
| OpenLDAP | =2.0.9 | |
| OpenLDAP | =2.0.10 | |
| OpenLDAP | =2.0.11 | |
| OpenLDAP | =2.0.12 | |
| OpenLDAP | =2.0.13 | |
| OpenLDAP | =2.0.14 | |
| OpenLDAP | =2.0.15 | |
| OpenLDAP | =2.0.16 | |
| OpenLDAP | =2.0.17 | |
| OpenLDAP | =2.0.18 | |
| OpenLDAP | =2.0.19 | |
| OpenLDAP | =2.0.20 | |
| OpenLDAP | =2.0.21 | |
| OpenLDAP | =2.0.22 | |
| OpenLDAP | =2.0.23 | |
| OpenLDAP | =2.0.24 | |
| OpenLDAP | =2.0.25 | |
| OpenLDAP | =2.0.26 | |
| OpenLDAP | =2.0.27 | |
| OpenLDAP | =2.1.2 | |
| OpenLDAP | =2.1.3 | |
| OpenLDAP | =2.1.4 | |
| OpenLDAP | =2.1.5 | |
| OpenLDAP | =2.1.6 | |
| OpenLDAP | =2.1.7 | |
| OpenLDAP | =2.1.8 | |
| OpenLDAP | =2.1.9 | |
| OpenLDAP | =2.1.10 | |
| OpenLDAP | =2.1.11 | |
| OpenLDAP | =2.1.12 | |
| OpenLDAP | =2.1.13 | |
| OpenLDAP | =2.1.14 | |
| OpenLDAP | =2.1.15 | |
| OpenLDAP | =2.1.16 | |
| OpenLDAP | =2.1.17 | |
| OpenLDAP | =2.1.18 | |
| OpenLDAP | =2.1.19 | |
| OpenLDAP | =2.1.20 | |
| OpenLDAP | =2.1.21 | |
| OpenLDAP | =2.1.22 | |
| OpenLDAP | =2.1.23 | |
| OpenLDAP | =2.1.24 | |
| OpenLDAP | =2.1.25 | |
| OpenLDAP | =2.1.26 | |
| OpenLDAP | =2.1.27 | |
| OpenLDAP | =2.1.28 | |
| OpenLDAP | =2.1.29 | |
| OpenLDAP | =2.1.30 | |
| OpenLDAP | =2.2.0 | |
| OpenLDAP | =2.2.1 | |
| OpenLDAP | =2.2.4 | |
| OpenLDAP | =2.2.5 | |
| OpenLDAP | =2.2.6 | |
| OpenLDAP | =2.2.7 | |
| OpenLDAP | =2.2.8 | |
| OpenLDAP | =2.2.9 | |
| OpenLDAP | =2.2.10 | |
| OpenLDAP | =2.2.11 | |
| OpenLDAP | =2.2.12 | |
| OpenLDAP | =2.2.13 | |
| OpenLDAP | =2.2.14 | |
| OpenLDAP | =2.2.15 | |
| OpenLDAP | =2.2.16 | |
| OpenLDAP | =2.2.17 | |
| OpenLDAP | =2.2.18 | |
| OpenLDAP | =2.2.19 | |
| OpenLDAP | =2.2.20 | |
| OpenLDAP | =2.2.21 | |
| OpenLDAP | =2.2.22 | |
| OpenLDAP | =2.2.23 | |
| OpenLDAP | =2.2.24 | |
| OpenLDAP | =2.2.25 | |
| OpenLDAP | =2.2.26 | |
| OpenLDAP | =2.2.27 | |
| OpenLDAP | =2.3.10 | |
| OpenLDAP | =2.3.11 | |
| OpenLDAP | =2.3.12 | |
| OpenLDAP | =2.3.13 | |
| OpenLDAP | =2.3.14 | |
| OpenLDAP | =2.3.15 | |
| OpenLDAP | =2.3.16 | |
| OpenLDAP | =2.3.17 | |
| OpenLDAP | =2.3.18 | |
| OpenLDAP | =2.3.19 | |
| OpenLDAP | =2.3.20 | |
| OpenLDAP | =2.3.21 | |
| OpenLDAP | =2.3.22 | |
| OpenLDAP | =2.3.23 | |
| OpenLDAP | =2.3.24 | |
| OpenLDAP | =2.3.25 | |
| OpenLDAP | =2.3.26 | |
| OpenLDAP | =2.3.27 | |
| OpenLDAP | <2.3.29 | |
| Ubuntu | =5.10 | |
| Ubuntu | =6.06 | |
| Ubuntu | =6.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://gleg.net/downloads/VULNDISCO_META_FREE.tar.gz
- http://gleg.net/vulndisco_meta.shtml
- http://www.securityfocus.com/bid/20939
- http://securitytracker.com/id?1017166
- http://secunia.com/advisories/22750
- http://www.openldap.org/its/index.cgi/Software%20Bugs?id=4740
- http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.033-openldap.html
- http://www.ubuntu.com/usn/usn-384-1
- http://secunia.com/advisories/22953
- http://secunia.com/advisories/22996
- http://www.novell.com/linux/security/advisories/2006_72_openldap2.html
- http://secunia.com/advisories/23133
- http://security.gentoo.org/glsa/glsa-200611-25.xml
- http://www.trustix.org/errata/2006/0066/
- http://secunia.com/advisories/23125
- http://secunia.com/advisories/23152
- https://issues.rpath.com/browse/RPL-820
- http://secunia.com/advisories/23170
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:208
- http://securityreason.com/securityalert/1831
- http://www.vupen.com/english/advisories/2006/4379
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30076
- http://www.securityfocus.com/archive/1/450728/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2006-5779?
CVE-2006-5779 has been designated as a high severity vulnerability due to its potential to cause denial of service by crashing the OpenLDAP daemon.
How do I fix CVE-2006-5779?
To fix CVE-2006-5779, update OpenLDAP to version 2.3.29 or later, which addresses the vulnerability.
Which versions of OpenLDAP are affected by CVE-2006-5779?
OpenLDAP versions prior to 2.3.29, including versions 2.3.28 and earlier, are affected by CVE-2006-5779.
Can CVE-2006-5779 affect all installations of OpenLDAP?
CVE-2006-5779 primarily affects installations of OpenLDAP that can accept LDAP BIND requests with long authcid names.
Is CVE-2006-5779 specific to any operating systems?
While CVE-2006-5779 affects OpenLDAP, it may also impact specific operating systems like certain versions of Ubuntu running vulnerable OpenLDAP versions.
- agent/type
- agent/author
- agent/weakness
- agent/severity
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/openldap
- canonical/openldap
- version/openldap/2.3.28
- version/openldap/1.0
- version/openldap/1.0.1
- version/openldap/1.0.2
- version/openldap/1.0.3
- version/openldap/1.1
- version/openldap/1.1.0
- version/openldap/1.1.1
- version/openldap/1.1.2
- version/openldap/1.1.3
- version/openldap/1.1.4
- version/openldap/1.2
- version/openldap/1.2.0
- version/openldap/1.2.1
- version/openldap/1.2.2
- version/openldap/1.2.3
- version/openldap/1.2.4
- version/openldap/1.2.5
- version/openldap/1.2.6
- version/openldap/1.2.7
- version/openldap/1.2.8
- version/openldap/1.2.9
- version/openldap/1.2.10
- version/openldap/1.2.11
- version/openldap/1.2.12
- version/openldap/1.2.13
- version/openldap/2.0
- version/openldap/2.0.0
- version/openldap/2.0.1
- version/openldap/2.0.2
- version/openldap/2.0.3
- version/openldap/2.0.4
- version/openldap/2.0.5
- version/openldap/2.0.6
- version/openldap/2.0.7
- version/openldap/2.0.8
- version/openldap/2.0.9
- version/openldap/2.0.10
- version/openldap/2.0.11
- version/openldap/2.0.12
- version/openldap/2.0.13
- version/openldap/2.0.14
- version/openldap/2.0.15
- version/openldap/2.0.16
- version/openldap/2.0.17
- version/openldap/2.0.18
- version/openldap/2.0.19
- version/openldap/2.0.20
- version/openldap/2.0.21
- version/openldap/2.0.22
- version/openldap/2.0.23
- version/openldap/2.0.24
- version/openldap/2.0.25
- version/openldap/2.0.26
- version/openldap/2.0.27
- version/openldap/2.1.2
- version/openldap/2.1.3
- version/openldap/2.1.4
- version/openldap/2.1.5
- version/openldap/2.1.6
- version/openldap/2.1.7
- version/openldap/2.1.8
- version/openldap/2.1.9
- version/openldap/2.1.10
- version/openldap/2.1.11
- version/openldap/2.1.12
- version/openldap/2.1.13
- version/openldap/2.1.14
- version/openldap/2.1.15
- version/openldap/2.1.16
- version/openldap/2.1.17
- version/openldap/2.1.18
- version/openldap/2.1.19
- version/openldap/2.1.20
- version/openldap/2.1.21
- version/openldap/2.1.22
- version/openldap/2.1.23
- version/openldap/2.1.24
- version/openldap/2.1.25
- version/openldap/2.1.26
- version/openldap/2.1.27
- version/openldap/2.1.28
- version/openldap/2.1.29
- version/openldap/2.1.30
- version/openldap/2.2.0
- version/openldap/2.2.1
- version/openldap/2.2.4
- version/openldap/2.2.5
- version/openldap/2.2.6
- version/openldap/2.2.7
- version/openldap/2.2.8
- version/openldap/2.2.9
- version/openldap/2.2.10
- version/openldap/2.2.11
- version/openldap/2.2.12
- version/openldap/2.2.13
- version/openldap/2.2.14
- version/openldap/2.2.15
- version/openldap/2.2.16
- version/openldap/2.2.17
- version/openldap/2.2.18
- version/openldap/2.2.19
- version/openldap/2.2.20
- version/openldap/2.2.21
- version/openldap/2.2.22
- version/openldap/2.2.23
- version/openldap/2.2.24
- version/openldap/2.2.25
- version/openldap/2.2.26
- version/openldap/2.2.27
- version/openldap/2.3.10
- version/openldap/2.3.11
- version/openldap/2.3.12
- version/openldap/2.3.13
- version/openldap/2.3.14
- version/openldap/2.3.15
- version/openldap/2.3.16
- version/openldap/2.3.17
- version/openldap/2.3.18
- version/openldap/2.3.19
- version/openldap/2.3.20
- version/openldap/2.3.21
- version/openldap/2.3.22
- version/openldap/2.3.23
- version/openldap/2.3.24
- version/openldap/2.3.25
- version/openldap/2.3.26
- version/openldap/2.3.27
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/5.10
- version/ubuntu/6.06
- version/ubuntu/6.10