Lucene search

K
ubuntucveUbuntu.comUB:CVE-2007-5794
HistoryNov 13, 2007 - 12:00 a.m.

CVE-2007-5794

2007-11-1300:00:00
ubuntu.com
ubuntu.com
5

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

EPSS

0.011

Percentile

84.7%

Race condition in nss_ldap, when used in applications that are linked
against the pthread library and fork after a call to nss_ldap, might send
user data to the wrong process because of improper handling of the LDAP
connection. NOTE: this issue was originally reported for Dovecot with the
wrong mailboxes being returned, but other applications might also be
affected.

Bugs

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

EPSS

0.011

Percentile

84.7%