Master/slave configurations with enabled
"ppolicy_forward_updates" option potentially allowed users
to log in with an invalid password (CVE-2011-1024).

unauthenticated users could crash the ldap server
(CVE-2011-1081).