|
|
Log in / Subscribe / Register

nss-pam-ldapd: code execution

Package(s):nss-pam-ldapd CVE #(s):CVE-2013-0288
Created:February 18, 2013 Updated:June 19, 2013
Description: From the Debian advisory:

Garth Mollett discovered that a file descriptor overflow issue in the use of FD_SET() in nss-pam-ldapd, which provides NSS and PAM modules for using LDAP as a naming service, can lead to a stack-based buffer overflow. An attacker could, under some circumstances, use this flaw to cause a process that has the NSS or PAM module loaded to crash or potentially execute arbitrary code.

Alerts:
Debian DSA-2628-2 nss-pam-ldapd 2013-06-18
Mandriva MDVSA-2013:106 nss-pam-ldapd 2013-04-10
openSUSE openSUSE-SU-2013:0524-1 nss-pam-ldapd 2013-03-22
openSUSE openSUSE-SU-2013:0522-2 nss-pam-ldapd 2013-03-22
openSUSE openSUSE-SU-2013:0522-1 nss-pam-ldapd 2013-03-22
CentOS CESA-2013:0590 nss-pam-ldapd 2013-03-09
Oracle ELSA-2013-0590 nss-pam-ldapd 2013-03-04
Scientific Linux SL-nss--20130304 nss-pam-ldapd 2013-03-04
Red Hat RHSA-2013:0590-01 nss-pam-ldapd 2013-03-04
Mageia MGASA-2013-0071 nss-pam-ldapd 2013-02-27
Fedora FEDORA-2013-2754 nss-pam-ldapd 2013-02-28
Debian DSA-2628-1 nss-pam-ldapd 2013-02-18
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds