• info
• discussion
• exploit
• solution
• references

OpenLDAP /usr/tmp/ Symlink Vulnerability

Solution:
Patches are available from RedHat and TurboLinux to remedy this problem.

Rebuilding OpenLDAP, and configuring the following values to something other than /usr/tmp will fix this problem:
servers/slapd/back-ldbm/back-ldbm.g, "DEFAULT_DB_DIRECTORY" variable
servers/slapd/slapd.conf, "directory" variable
servers/slurpd/slurp.h, "DEFAULT_SLURPD_REPLICA_DIR" variable

The latest version, 1.2.10, still appears vulnerable to this problem.


Redhat openldap-1.2.7-2.i386.rpm

• Red Hat Inc. 6.1 i386 openldap-1.2.9-6.i386.rpm
  ftp://updates.redhat.com/6.1/i386/openldap-1.2.9-6.i386.rpm

Redhat openldap-1.2.9-5.i386.rpm

• Red Hat Inc. 6.2 i386 openldap-1.2.9-6.i386.rpm
  ftp://updates.redhat.com/6.2/i386/openldap-1.2.9-6.i386.rpm

Turbolinux Turbolinux 6.0.2

• TurboLinux openldap-1.2.10-1.i386.rpm
  ftp://ftp.turbolinux.com/pub/updates/6.0/security/openldap-1.2.10-1.i3 86.rpm


• TurboLinux openldap-devel-1.2.10-1.i386.rpm
  ftp://ftp.turbolinux.com/pub/updates/6.0/security/openldap-devel-1.2.1 0-1.i386.rpm


• TurboLinux openldap-libs-1.2.10-1.i386.rpm
  ftp://ftp.turbolinux.com/pub/updates/6.0/security/openldap-libs-1.2.10 -1.i386.rpm


• TurboLinux openldap-server-1.2.10-1.i386.rpm
  ftp://ftp.turbolinux.com/pub/updates/6.0/security/openldap-server-1.2. 10-1.i386.rpm

Mandriva Linux Mandrake 6.1

• MandrakeSoft 7.0 i386 openldap-1.2.9-5mdk.i586.rpm
  ftp://ftp.linux.tucows.com/pub/distributions/Mandrake/Mandrake/updates /

Redhat Linux 6.1 i386

• Red Hat Inc. 6.1 i386 openldap-1.2.9-6.i386.rpm
  ftp://updates.redhat.com/6.1/i386/openldap-1.2.9-6.i386.rpm

Redhat Linux 6.1 sparc

• Red Hat Inc. 6.1 sparc openldap-1.2.9-6.sparc.rpm
  ftp://updates.redhat.com/6.1/sparc/openldap-1.2.9-6.sparc.rpm

Redhat Linux 6.1 alpha

• Red Hat Inc. 6.1 alpha openldap-1.2.9-6.alpha.rpm
  ftp://updates.redhat.com/6.1/alpha/openldap-1.2.9-6.alpha.rpm

Redhat Linux 6.2 sparc

• Red Hat Inc. 6.2 sparc openldap-1.2.9-6.sparc.rpm
  ftp://updates.redhat.com/6.2/sparc/openldap-1.2.9-6.sparc.rpm

Redhat Linux 6.2 alpha

• Red Hat Inc. 6.2 alpha openldap-1.2.9-6.alpha.rpm
  ftp://updates.redhat.com/6.2/alpha/openldap-1.2.9-6.alpha.rpm

Redhat Linux 6.2 i386

• Red Hat Inc. 6.2 i386 openldap-1.2.9-6.i386.rpm
  ftp://updates.redhat.com/6.2/i386/openldap-1.2.9-6.i386.rpm

Mandriva Linux Mandrake 7.0

• MandrakeSoft 7.0 i386 openldap-1.2.9-5mdk.i586.rpm
  ftp://ftp.linux.tucows.com/pub/distributions/Mandrake/Mandrake/updates /