MiracleLinux 3 : nss_ldap-253-12AXS3 (AXSA:2008-276:03)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2008-276:03 advisory. The nssldap package contains the nssldap and pamldap modules. The nssldap module is a plug-in which allows applications to retrieve information about users an...

EUVD-2016-0728

Malware in sbrugna...

EUVD-2006-5155

Malware in sbrugna...

K5716: Authentication bypass in PAM LDAP module - CAN-2005-2641

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

Solaris 10 (x86) : 150546-02

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: PAM LDAP module. Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris...

Solaris 10 (sparc) : 150545-02

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: PAM LDAP module. Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris...

CVE-2016-0693

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the PAM LDAP module...

Design/Logic Flaw

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the PAM LDAP module...

CVE-2016-0693

CVE-2016-0693 affects Oracle Solaris 10 and 11.3, specifically the PAM LDAP module within the Solaris component. The Nessus/NASL entries indicate the vulnerability is exploitable remotely over the network by an unauthenticated attacker via multiple protocols, with impact to confidentiality, integ...

CVE-2016-0693

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the PAM LDAP module...

CVE-2016-0693

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the PAM LDAP module...

Solaris 10 (x86) : 150546-02 (deprecated)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: PAM LDAP module. Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris...

Solaris 10 (sparc) : 150545-02 (deprecated)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: PAM LDAP module. Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris...

openSUSE Security Update : tomcat6 (openSUSE-SU-2011:0988-1)

The following security issues were fixed in tomcat : - Fixed a tomcat user password information leak CVE-2011-2204 - Fixed atomcat information leak and DoS CVE-2011-2526 Also one bug was fixed : - fix bnc702289 - suse manager pam ldap authentication fails - source CATALINAHOME/bin/setenv.sh if...

SOL5716 - Authentication bypass in PAM LDAP module - CAN-2005-2641

Vulnerability description: Vulnerability in pamldap before 180 does not properly handle a new password policy control, which could allow attackers to gain privileges. Information about this advisory is available at the following locations: US-CERT Vulnerability Note VU778916 pamldap authenticatio...

security flaw

pamldap in nssldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pamauthenticate function to return a success cod...

CVE-2006-5170

pamldap in nssldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pamauthenticate function to return a success cod...

DEBIAN-CVE-2005-2641

Unknown vulnerability in pamldap before 180 does not properly handle a new password policy control, which could allow attackers to gain privileges. NOTE: CVE-2005-2497 had also been assigned to this issue, but CVE-2005-2641 is the correct candidate...

CVE-2005-2641

Unknown vulnerability in pamldap before 180 does not properly handle a new password policy control, which could allow attackers to gain privileges. NOTE: CVE-2005-2497 had also been assigned to this issue, but CVE-2005-2641 is the correct candidate...

DEBIAN-CVE-2005-2069

pamldap and nssldap, when used with OpenLDAP and connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and allows remote attackers to sniff the password...