SOL6634 - pam_ldap vulnerability - CVE-2005-2641

2006-10-19T00:00:00
ID SOL6634
Type f5
Reporter f5
Modified 2013-03-19T00:00:00

Description

This security advisory describes a pam_ldap vulnerability. Clients who are referred to a different server than the server on which they were originally authenticated, with a different TLS encryption requirement, could possibly bypass the new server's TLS requirements.

Information about this advisory is available at the following location:

<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2641>

F5 Product Development tracked this issue as CR54024 and CR68903 and it was fixed in BIG-IP 9.1.3 and 9.2.2. For information about upgrading, refer to the BIG-IP LTM or ASM release notes.