[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SASL Authentication Segfaults slapd: DoS



Note that the current release of 2.2 is 2.2.8; I sugest you upgrade and
see if the problem still occurs.  If it does, please provide details about
where it happens (e.g. logs and stack backtrace from gdb, as described in
http://www.openldap.org/faq/data/cache/59.html)

p.

> Hello everyone,
> I don't know what I've done wrong. If I use ldapsearch to query my
> OpenLDAP 2.2.5 server and I don't force simple authentication instead of
> SASL (-x), slapd crashes with a segmentation fault. I've obviously got
> security concerns over this because any schmoe with a shell account can
> crash my server just by using ldapsearch and omitting -x.
>
> OpenLDAP 2.2.5 (bdb) was compiled against a binary distribution of
> cyrus-sasl 2.1.15. Later on cyrus-sasl was upgraded (from source) to
> 2.1.18. I'm not sure if this problem existed prior to the upgrade of
> 2.1.18, but I wouldn't expect such a minor revision to cause slapd to
> die so violently as a result. Maybe that's a false assumption?
>
> bdb: ../dist/configure --with-pic --disable-shared
> --prefix=/usr/local/bdb --libdir=/usr/local/bdb/lib
> openldap: ./configure --with-slapd --with-slurpd --with-threads=posix
> --with-tls --with-cyrus-sasl --with-kerberos=k5only \
> 		--enable-static --enable-dynamic --disable-shared
> --enable-rlookups --enable-wrappers --enable-cleartext \
> 		--enable-crypt --enable-spasswd --enable-kpasswd
> --enable-modules --enable-bdb --bindir=/usr/bin \
> 		--sbindir=/usr/sbin --libexecdir=/usr/sbin --sysconfdir=/etc
> --datadir=/usr/share --localstatedir=/var/run \
> 		--libdir=/usr/lib --includedir=/usr/include
> --mandir=/usr/share/man --infodir=/usr/share/info
> cyrus-sasl: ./configure --with-sasl-authd=/var/run/saslauthd --with-ldap
> --bindir=/usr/bin --sbindir=/usr/sbin \
> 		--libexecdir=/usr/sbin --datadir=/usr/share
> --sysconfdir=/etc --localstatedir=/var --libdir=/usr/lib \
> 		--includedir=/usr/include --infodir=/usr/share/info
> --mandir=/usr/share/man
>
> slapd is invoked as: /usr/sbin/slapd -u ldap -h 'ldap://192.168.80.4/
> ldaps://192.168.80.4/' -l daemon -4
>
> If anybody has seen this or has any ideas please let me know. Thanks in
> advance!!!


-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it