User: Password:
|
|
Subscribe / Log in / New account

pam_ldap: plain text authentication leak

Package(s):pam_ldap CVE #(s):CAN-2005-2069
Created:July 14, 2005 Updated:October 17, 2005
Description: pam_ldap and nss_ldap ignore the "ssl start_tls" ldap.conf setting, allowing an attacker to sniff unencrypted passwords and other information.
Alerts:
Red Hat RHSA-2005:767-01 openldap 2005-10-17
Red Hat RHSA-2005:751-01 openldap 2005-10-17
SuSE SUSE-SR:2005:020 multiple 2005-09-12
Ubuntu USN-152-1 openldap2, libpam-ldap, libnss-ldap 2005-07-21
Mandriva MDKSA-2005:121 nss_ldap 2005-07-18
Gentoo 200507-13 pam_ldap 2005-07-14

(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds