RSS feed

nss-pam-ldapd security advisory (CVE-2013-0288)

[Date Prev][Date Next] [Thread Prev][Thread Next]

nss-pam-ldapd security advisory (CVE-2013-0288)

Garth Mollett discovered that a file descriptor overflow issue in the
use of FD_SET() in nss-pam-ldapd can lead to a buffer overflow. An
attacker could, under some circumstances, use this flaw to cause a
process that has the NSS or PAM module loaded to crash or potentially
execute arbitrary code.

This problem affects all releases before 0.7.18 and 0.8.11.

This problem has been assigned CVE-2013-0288.

More details are available at:

Users are advised to apply the appropriate patch or upgrade to 0.8.11 or

-- arthur - - --
To unsubscribe send an email to or see