nss-pam-ldapd security advisory (CVE-2011-0438)
- From: Arthur de Jong <arthur [at] arthurdejong.org>
- To: nss-pam-ldapd-announce <nss-pam-ldapd-announce [at] lists.arthurdejong.org>
- Cc: oss-security [at] lists.openwall.com
- Reply-to: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: nss-pam-ldapd security advisory (CVE-2011-0438)
- Date: Wed, 09 Mar 2011 22:57:14 +0100
Russell Sim discovered a serious security vulnerability in development release 0.8.0 of nss-pam-ldapd that allows authentication with an incorrect password for local user accounts. The PAM module will erroneously return a success code when the user cannot be found in LDAP.

Exploitability depends on the details of the PAM configuration but on systems that don't use the minimum_uid PAM option it may be possible to log in to any local account, including root.

This problem only affects the 0.8.0 development release of nss-pam-ldapd. Earlier releases are not affected.

This problem has been assigned CVE-2011-0438. More details are available at:
http://arthurdejong.org/nss-pam-ldapd/news.html#20110309

Affected users are advised to apply the attached patch, upgrade to 0.8.1 (which will be released shortly), downgrade to 0.7.13 or disable nss-pam-ldapd's PAM module.

--
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org --
Attachment:
nss-pam-ldapd-0.8.0-authentication-bypass-fix.patch
Description: Text Data
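
A configuration check for the exposure condition the advisory names (PAM stacks that call the LDAP module without minimum_uid), as an added example that is not part of the original advisory or of nss-pam-ldapd. It assumes the module is installed as pam_ldap.so and that a minimum_uid below 1 still leaves root subject to the LDAP check; the sample stack and all function names are constructed for illustration.

```python
import re

# Constructed sample in /etc/pam.d syntax; not taken from the advisory.
SAMPLE_PAM = """\
# /etc/pam.d/common-auth (constructed)
auth  [success=2 default=ignore]  pam_unix.so nullok_secure
auth  sufficient  /lib/security/pam_ldap.so use_first_pass
auth  sufficient  pam_ldap.so use_first_pass minimum_uid=0
auth  requisite   pam_deny.so
account sufficient pam_ldap.so
"""

# type, control (plain keyword or [value=action ...]), module, arguments
LINE_RE = re.compile(r"^-?(\w+)\s+(\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)$")

def pam_entries(text):
    """Yield (lineno, type, control, module, args) for each module line."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        m = LINE_RE.match(line)               # '@include' and blanks do not match
        if m:
            mtype, control, module, args = m.groups()
            yield lineno, mtype.lower(), control, module, args.split()

def min_uid(args):
    """Return the minimum_uid value, or None if absent or not a number."""
    for arg in args:
        if arg.startswith("minimum_uid="):
            value = arg.split("=", 1)[1]
            return int(value) if value.isdigit() else None
    return None

def unguarded_ldap_auth(text, types=("auth",)):
    """List (lineno, control, minimum_uid) for pam_ldap.so entries that
    would still be consulted for local system accounts such as root."""
    findings = []
    for lineno, mtype, control, module, args in pam_entries(text):
        if mtype not in types or module.rsplit("/", 1)[-1] != "pam_ldap.so":
            continue
        uid = min_uid(args)
        if uid is None or uid < 1:            # missing, or too low to skip uid 0
            findings.append((lineno, control, uid))
    return findings

if __name__ == "__main__":
    for lineno, control, uid in unguarded_ldap_auth(SAMPLE_PAM):
        print(f"line {lineno}: pam_ldap.so control={control} minimum_uid={uid}")
```

The control field is reported with each finding because, as the advisory says, exploitability depends on the rest of the PAM configuration.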