[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: large ldap server recommendation

To: Quanah Gibson-Mount <quanah@zimbra.com>
Subject: Re: large ldap server recommendation
From: Brad Knowles <b.knowles@its.utexas.edu>
Date: Fri, 01 Feb 2008 12:46:35 -0600
Cc: Howard Chu <hyc@symas.com>, ram <ram@netcore.co.in>, openldap-software@openldap.org, Michael Ströder <michael@stroeder.com>
In-reply-to: <0BC91504F966ACF6A39A0271@[192.168.1.196]>
References: <1201774424.11372.83.camel@localhost.localdomain> <47A20E85.7090509@stroeder.com> <47A21C58.9090105@its.utexas.edu> <47A2381C.9000409@symas.com> <47A24409.9020207@its.utexas.edu> <0BC91504F966ACF6A39A0271@[192.168.1.196]>
User-agent: Thunderbird 2.0.0.9 (Macintosh/20071031)

Quanah Gibson-Mount wrote:

If your 2.3.35 servers can be accessed via a remote connection, anyone can crash them at any time. Is that considered critical?

Out of curiosity, can you point me at specific weaknesses in 2.3.35 that we should be concerned about? Are we talking about ITS#s 4923, 4925, 4938, 4966, or something else?

Is this something where they could only crash the server if they could get direct access to send malformed LDAP queries, or is this something that could potentially be abused through a third-party XSS-style attack?


Thanks!

--
Brad Knowles <b.knowles@its.utexas.edu>
Senior System Administrator, UT Austin ITS-Unix
COM 24  |  5-9342

Follow-Ups:
- Re: large ldap server recommendation
  - From: Quanah Gibson-Mount <quanah@zimbra.com>

References:
- Re: large ldap server recommendation
  - From: Quanah Gibson-Mount <quanah@zimbra.com>

Prev by Date: Re: large ldap server recommendation
Next by Date: Re: large ldap server recommendation
Index(es):
- Chronological
- Thread