[Secure-testing-team] Bug#497219: dhcp3-server-ldap: Unable to authenticate to LDAP with valid account
Mark Pavlichuk
pav5088 at internode.on.net
Sat Aug 30 23:47:12 UTC 2008
Package: dhcp3-server-ldap
Version: 3.1.1-3
Severity: grave
Tags: security
Justification: user security hole
I'm getting this error message :
Connecting to LDAP server amd64:389
Error: Cannot login into ldap server amd64:389: Success
Configuration file errors encountered -- exiting
....and when I enter an incorrect password it works. This seems to match bug #484261 that apparently was previously
fixed. I guess the patch wasn't reapplied to this version?
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (x86_64)
Kernel: Linux 2.6.26-1-amd64 (SMP w/1 CPU core)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages dhcp3-server-ldap depends on:
ii debianutils 2.30 Miscellaneous utilities specific t
ii dhcp3-common 3.1.1-3 common files used by all the dhcp3
ii dhcp3-server 3.1.1-3 DHCP server for automatic IP addre
ii libc6 2.7-13 GNU C Library: Shared libraries
ii libldap-2.4-2 2.4.10-3 OpenLDAP libraries
ii libssl0.9.8 0.9.8g-13 SSL shared libraries
dhcp3-server-ldap recommends no packages.
dhcp3-server-ldap suggests no packages.
-- no debconf information
More information about the Secure-testing-team
mailing list