lists.arthurdejong.org
RSS feed

nss-pam-ldapd security advisory (CVE-2011-0438)

[Date Prev][Date Next] [Thread Prev][Thread Next]

nss-pam-ldapd security advisory (CVE-2011-0438)



Russell Sim discovered a serious security vulnerability in development
release 0.8.0 of nss-pam-ldapd that allows authentication with an
incorrect password for local user accounts.

The PAM module will erroneously return a success code when the user
cannot be found in LDAP. Exploitability depends on the details of the
PAM configuration but on systems that don't use the minimum_uid PAM
option it may be possible to log in to any local account, including
root.

This problem only affects the 0.8.0 development release of
nss-pam-ldapd. Earlier releases are not affected.

This problem has been assigned CVE-2011-0438.

More details are available at:
http://arthurdejong.org/nss-pam-ldapd/news.html#20110309

Affected users are advised to apply the attached patch, upgrade to 0.8.1
(which will be released shortly), downgrade to 0.7.13 or disable
nss-pam-ldapd's PAM module.

-- 
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org --

Attachment: nss-pam-ldapd-0.8.0-authentication-bypass-fix.patch
Description: Text Data

-- 
To unsubscribe send an email to
nss-pam-ldapd-announce-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-announce