Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Gentoo: GLSA-200612-19 Low: pam_ldap Authentication Bypass Issue

gentoo
Calendar Grey December 20, 2006
Dist Gentoo Esm H88
Gentoo's GLSA-200612-19 addresses a critical pam_ldap vulnerability allowing unauthorized access via LDAP authentication bypass. Users should upgrade or apply mitigations for system protection
pam_ldap contains a vulnerability that may allow a remote user with a locked account to gain unauthorized system access.

Summary

Gentoo Linux Security Advisory GLSA 200612-19 https://security.gentoo.org/ Severity: Low Title: pam_ldap: Authentication bypass vulnerability Date: December 20, 2006 Bugs: #153916 ID: 200612-19

Synopsis ======= pam_ldap contains a vulnerability that may allow a remote user with a locked account to gain unauthorized system access.
Background ========= pam_ldap is a Pluggable Authentication Module which allows authentication against LDAP directories.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 sys-auth/pam_ldap < 183 >= 183
========== Steve Rigler discovered that pam_ldap does not correctly handle "PasswordPolicyResponse" control responses fr...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory unauthorized access gentoo remote access low severity authentication bypass pam_ldap

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
low
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory unauthorized access gentoo remote access low severity authentication bypass pam_ldap

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here