Gentoo: GLSA-200711-33 Low Severity: nss_ldap Information Disclosure
gentoo
November 25, 2007
A race condition might lead to theft of user credentials or information disclosure in services using nss_ldap.
Summary
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gentoo Linux Security Advisory GLSA 200711-33
https://security.gentoo.org/
Severity: Low
Title: nss_ldap: Information disclosure
Date: November 25, 2007
Bugs: #198390
ID: 200711-33
Synopsis
=======
A race condition might lead to theft of user credentials or information
disclosure in services using nss_ldap.
Background
=========
nss_ldap is a Name Service Switch module which allows 'passwd', 'group'
and 'host' database information to be pulled from LDAP.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 sys-auth/nss_ldap < 258 >= 258
==========
Josh Burley reported that nss_ldap does not properly handle the ...Read the Full Advisory
Resolution
References
Availability
style>.gentoo_availability{display:block;}
Concerns
PREVIOUS
NEXT
Severity
low
Lowest
Low
Medium
High
Critical
Warning: Undefined array key "advisory_info" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/3238630_4c9dbbdde36eef04251a4ced7eac4df9 on line 11
Background
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Affected Packages
Impact
Workaround
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!