Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2007-5794
HistoryNov 13, 2007 - 11:46 p.m.

CVE-2007-5794

2007-11-1323:46:00
Debian Security Bug Tracker
security-tracker.debian.org
10

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

EPSS

0.011

Percentile

84.7%

Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.

OSVersionArchitecturePackageVersionFilename
Debian11alllibnss-ldap< 256-1libnss-ldap_256-1_all.deb

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

EPSS

0.011

Percentile

84.7%