CVE-2009-1648

Name of the Vulnerable Software and Affected Versions: yast2-ldap-server version on SUSE Linux Enterprise Server 11

Description: The issue concerns the YaST2 LDAP module in yast2-ldap-server, which fails to enable the firewall under specific conditions, such as during reboots that occur while online updates are being applied. This failure makes it easier for remote attackers to gain access to network services.

Recommendations: For yast2-ldap-server on SUSE Linux Enterprise Server 11, ensure the firewall is manually enabled after reboots during online updates to prevent unauthorized access until a fix is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.