7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
72.6%
nss_ldap is a set of C library extensions that allow X.500 and LDAP
directory servers to be used as primary sources for aliases, ethers,
groups, hosts, networks, protocols, users, RPCs, services, and shadow
passwords.
A flaw was found in the way nss_ldap handled a PasswordPolicyResponse
control sent by an LDAP server. If an LDAP server responded to an
authentication request with a PasswordPolicyResponse control, it was
possible for an application using nss_ldap to improperly authenticate
certain users. (CVE-2006-5170)
This flaw was only exploitable within applications which did not properly
process nss_ldap error messages. Only xscreensaver is currently known to
exhibit this behavior.
All users of nss_ldap should upgrade to these updated packages, which
contain a backported patch that resolves this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | s390x | nss_ldap | < 226-17 | nss_ldap-226-17.s390x.rpm |
RedHat | any | i386 | nss_ldap | < 226-17 | nss_ldap-226-17.i386.rpm |
RedHat | any | src | nss_ldap | < 226-17 | nss_ldap-226-17.src.rpm |
RedHat | any | ppc64 | nss_ldap | < 226-17 | nss_ldap-226-17.ppc64.rpm |
RedHat | any | ia64 | nss_ldap | < 226-17 | nss_ldap-226-17.ia64.rpm |
RedHat | any | ppc | nss_ldap | < 226-17 | nss_ldap-226-17.ppc.rpm |
RedHat | any | x86_64 | nss_ldap | < 226-17 | nss_ldap-226-17.x86_64.rpm |
RedHat | any | s390 | nss_ldap | < 226-17 | nss_ldap-226-17.s390.rpm |