|
Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2005:190: nss_ldap Vulnerability Scan
Vulnerability Scan Summary Check for the version of the nss_ldap package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2005:190 (nss_ldap).
A bug was found in the way the pam_ldap module processed certain failure
messages. If the server includes supplemental data in an authentication failure
result message, but the data does not include any specific error code, the
pam_ldap module would proceed as if the authentication request had succeeded,
and authentication would succeed. This affects versions 169 through 179 of
pam_ldap.
The updated packages have been patched to address this issue.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:190
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|