(RHSA-2013:0590) Important: nss-pam-ldapd security update

2013-03-0400:00:00

access.redhat.com

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

70.9%

JSON

The nss-pam-ldapd packages provide the nss-pam-ldapd daemon (nslcd), which
uses a directory server to lookup name service information on behalf of a
lightweight nsswitch module.

An array index error, leading to a stack-based buffer overflow flaw, was
found in the way nss-pam-ldapd managed open file descriptors. An attacker
able to make a process have a large number of open file descriptors and
perform name lookups could use this flaw to cause the process to crash or,
potentially, execute arbitrary code with the privileges of the user running
the process. (CVE-2013-0288)

Red Hat would like to thank Garth Mollett for reporting this issue.

All users of nss-pam-ldapd are advised to upgrade to these updated
packages, which contain a backported patch to fix this issue.

OSVersionArchitecturePackageVersionFilename
RedHat6s390nss-pam-ldapd< 0.7.5-18.1.el6_4nss-pam-ldapd-0.7.5-18.1.el6_4.s390.rpm
RedHat6ppcnss-pam-ldapd-debuginfo< 0.7.5-18.1.el6_4nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.ppc.rpm
RedHat6s390xnss-pam-ldapd< 0.7.5-18.1.el6_4nss-pam-ldapd-0.7.5-18.1.el6_4.s390x.rpm
RedHat6ppc64nss-pam-ldapd-debuginfo< 0.7.5-18.1.el6_4nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.ppc64.rpm
RedHat6x86_64nss-pam-ldapd-debuginfo< 0.7.5-18.1.el6_4nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.x86_64.rpm
RedHat6i686nss-pam-ldapd< 0.7.5-18.1.el6_4nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm
RedHat6x86_64nss-pam-ldapd< 0.7.5-18.1.el6_4nss-pam-ldapd-0.7.5-18.1.el6_4.x86_64.rpm
RedHat6srcnss-pam-ldapd< 0.7.5-18.1.el6_4nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm
RedHat6i686nss-pam-ldapd-debuginfo< 0.7.5-18.1.el6_4nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm
RedHat6s390xnss-pam-ldapd-debuginfo< 0.7.5-18.1.el6_4nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.s390x.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	6	s390	nss-pam-ldapd	< 0.7.5-18.1.el6_4	nss-pam-ldapd-0.7.5-18.1.el6_4.s390.rpm
RedHat	6	ppc	nss-pam-ldapd-debuginfo	< 0.7.5-18.1.el6_4	nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.ppc.rpm
RedHat	6	s390x	nss-pam-ldapd	< 0.7.5-18.1.el6_4	nss-pam-ldapd-0.7.5-18.1.el6_4.s390x.rpm
RedHat	6	ppc64	nss-pam-ldapd-debuginfo	< 0.7.5-18.1.el6_4	nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.ppc64.rpm
RedHat	6	x86_64	nss-pam-ldapd-debuginfo	< 0.7.5-18.1.el6_4	nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.x86_64.rpm
RedHat	6	i686	nss-pam-ldapd	< 0.7.5-18.1.el6_4	nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm
RedHat	6	x86_64	nss-pam-ldapd	< 0.7.5-18.1.el6_4	nss-pam-ldapd-0.7.5-18.1.el6_4.x86_64.rpm
RedHat	6	src	nss-pam-ldapd	< 0.7.5-18.1.el6_4	nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm
RedHat	6	i686	nss-pam-ldapd-debuginfo	< 0.7.5-18.1.el6_4	nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm
RedHat	6	s390x	nss-pam-ldapd-debuginfo	< 0.7.5-18.1.el6_4	nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.s390x.rpm