Home page logo

fulldisclosure logo Full Disclosure mailing list archives

rPSA-2006-0183-1 nss_ldap
From: rPath Update Announcements <announce-noreply () rpath com>
Date: Thu, 05 Oct 2006 17:46:26 -0400

rPath Security Advisory: 2006-0183-1
Published: 2006-10-05
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
    Deterministic Unauthorized Access
Updated Versions:
    nss_ldap=/conary.rpath.com () rpl:devel//1/239-9.1-1


    Previous versions of the nss_ldap package do not properly handle
    accounts locked using the PasswordPolicyResponse control response,
    allowing potential unauthorized access from locked accounts when
    systems are configured to use LDAP authentication.  rPath Linux
    is not configured to use LDAP authentication by default.

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • rPSA-2006-0183-1 nss_ldap rPath Update Announcements (Oct 05)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]