MiracleLinux 3 : nss_ldap-253-12AXS3 (AXSA:2008-381:03)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2008-381:03 advisory. The nssldap package contains the nssldap and pamldap modules. The nssldap module is a plug-in which allows applications to retrieve information about users an...

MiracleLinux 3 : nss_ldap-253-3.1AXS3 (AXSA:2008-84:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2008-84:01 advisory. Description of problem: The nssldap package contains the nssldap and pamldap modules. The nssldap module is a plug-in which allows applications to retrieve...

EUVD-2000-1032

Malware in sbrugna...

EUVD-2007-5764

Malware in sbrugna...

EUVD-2005-2378

Malware in sbrugna...

EUVD-2002-0817

Malware in sbrugna...

RHSA-2008:0715 Red Hat Security Advisory: nss_ldap security and bug fix update

Bulletin has no description...

RHSA-2008:0389 Red Hat Security Advisory: nss_ldap security and bug fix update

Bulletin has no description...

RHSA-2006:0719 Red Hat Security Advisory: nss_ldap security update

Bulletin has no description...

RHSA-2005:751 Red Hat Security Advisory: openldap and nss_ldap security update

Bulletin has no description...

Oracle Linux 5 : nss_ldap (ELSA-2008-0389)

The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2008-0389 advisory. 253-12 - rebuild 253-11 - backport changes to group parsing from version 254 to fix heap corruption when parsing nested groups 444031 253-10 - remove unnecessar...

SUSE CVE-2005-2069

pamldap and nssldap, when used with OpenLDAP and connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and allows remote attackers to sniff the password...

SUSE CVE-2007-5794

Race condition in nssldap, when used in applications that are linked against the pthread library and fork after a call to nssldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong...

Information Disclosure

nssldap is vulnerable to information disclosure. A race condition was discovered in nssldap which affected certain applications which make LDAP connections, such as Dovecot. This could cause nssldap to answer a request for information about one user with information about a different user...

Oracle: Security Advisory (ELSA-2008-0389)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 4 : nss_ldap (ELSA-2006-0719)

From Red Hat Security Advisory 2006:0719 : Updated nssldap packages that fix a security flaw are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. nssldap is a set of C library extensions that allow...

Mandrake Linux Security Advisory : nss_ldap (MDKSA-2000:066-1)

A race condition exists in versions of nssldap prior to version 121. On a system running nscd, a malicious user can cause the system to hang. Update : Due to a new packaging scheme, the updates have been re-released with the appropriate revision number. %NASLMINLEVEL 70300 C Tenable Network...

Scientific Linux Security Update : nss_ldap on SL4.x i386/x86_64

A race condition was discovered in nssldap, which affected certain applications that make LDAP connections, such as Dovecot. This could cause nssldap to answer a request for information about one user with the information about a different user. CVE-2007-5794 As well, this updated package fixes t...

Scientific Linux Security Update : nss_ldap on SL5.x i386/x86_64

A race condition was discovered in nssldap which affected certain applications which make LDAP connections, such as Dovecot. This could cause nssldap to answer a request for information about one user with information about a different user. CVE-2007-5794 In addition, these updated packages fix t...

Scientific Linux Security Update : nss_ldap on SL3.x i386/x86_64

When the nssldap plug-in attempted to format the list of a group's members for an application, it did not correctly detect when the space provided to store that list was insufficient. For large groups, this resulted in a corrupt heap, which typically resulted in the calling application crashing, ...