[go: up one dir, main page]
|
|
Log in / Subscribe / Register

libpam-ldap: insecure password control

Package(s):libpam-ldap CVE #(s):CVE-2006-5170
Created:November 3, 2006 Updated:December 21, 2006
Description: Steve Rigler discovered that the PAM module for authentication against LDAP servers processes PasswordPolicyReponse control messages incorrectly, which might lead to an attacker being able to login into a suspended system account.
Alerts:
Gentoo 200612-19 pam_ldap 2006-12-20
SuSE SUSE-SR:2006:027 postgresql, pam_ldap, links 2006-11-24
Red Hat RHSA-2006:0719-01 nss_ldap 2006-11-15
Mandriva MDKSA-2006:201 pam_ldap 2006-11-07
Trustix TSLSA-2006-0061 mutt, pam_ldap, php 2006-11-03
Debian DSA-1203-1 libpam-ldap 2006-11-02
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds