nss-pam-ldapd -- file descriptor buffer overflow

2013-02-18T00:00:00
ID 58C15292-7B61-11E2-95DA-001E8C1A8A0E
Type freebsd
Reporter FreeBSD
Modified 2013-02-18T00:00:00

Description

Garth Mollett reports:

A file descriptor overflow issue in the use of FD_SET() in nss-pam-ldapd can lead to a stack-based buffer overflow. An attacker could, under some circumstances, use this flaw to cause a process that has the NSS or PAM module loaded to crash or potentially execute arbitrary code.