Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2005:190: nss_ldap Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the nss_ldap package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2005:190 (nss_ldap).
A bug was found in the way the pam_ldap module processed certain failure
messages. If the server includes supplemental data in an authentication failure
result message, but the data does not include any specific error code, the
pam_ldap module would proceed as if the authentication request had succeeded,
and authentication would succeed. This affects versions 169 through 179 of
The updated packages have been patched to address this issue.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:190
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.