Critical Path Information for VU#657547
Critical Path directory products contain multiple vulnerabilities in LDAP handling code
Critical Path is committed to ensuring that all supported versions of the Directory Server are free of vulnerabilities of the type identified in the above referenced vulnerability note. The outcome of this will be at a minimum, a patch or upgrade to remove the vulnerability from each of the supported versions.
Please visit Critical Path InJoin Directory Server support pages at (http://support.cp.net/CP_Buffer_Overflow_Vulnerability.doc) for details on workarounds and patch availability information for the potential vulnerabilities discovered in the InJoin Directory Server.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.