CVE-2013-0288
Vulnerability from cvelistv5
Published
2013-03-04 21:00
Modified
2024-08-06 14:18
Severity ?
Summary
nss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code by performing a name lookup on an application with a large number of open file descriptors, which triggers a stack-based buffer overflow related to incorrect use of the FD_SET macro.
References
secalert@redhat.comhttp://arthurdejong.org/git/nss-pam-ldapd/commit/?id=7867b93f9a7c76b96f1571cddc1de0811134bb81
secalert@redhat.comhttp://arthurdejong.org/git/nss-pam-ldapd/commit/?id=abf03bc54032beeff95b1b8634cc005137e11f32
secalert@redhat.comhttp://arthurdejong.org/git/nss-pam-ldapd/commit/?id=f266f05f20afe73e89c3946a7bd60bd7c5948e1b
secalert@redhat.comhttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690319
secalert@redhat.comhttp://lists.arthurdejong.org/nss-pam-ldapd-announce/2013/msg00001.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2013-February/099438.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-updates/2013-03/msg00087.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-updates/2013-03/msg00091.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2013-0590.html
secalert@redhat.comhttp://secunia.com/advisories/52212
secalert@redhat.comhttp://secunia.com/advisories/52242Vendor Advisory
secalert@redhat.comhttp://www.debian.org/security/2012/dsa-2628
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2013:106
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2013/02/18/2
secalert@redhat.comhttp://www.securityfocus.com/bid/58007
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0288
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/82175
secalert@redhat.comhttps://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0071
af854a3a-2127-422b-91ae-364da2661108http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=7867b93f9a7c76b96f1571cddc1de0811134bb81
af854a3a-2127-422b-91ae-364da2661108http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=abf03bc54032beeff95b1b8634cc005137e11f32
af854a3a-2127-422b-91ae-364da2661108http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=f266f05f20afe73e89c3946a7bd60bd7c5948e1b
af854a3a-2127-422b-91ae-364da2661108http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690319
af854a3a-2127-422b-91ae-364da2661108http://lists.arthurdejong.org/nss-pam-ldapd-announce/2013/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099438.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2013-03/msg00087.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2013-03/msg00091.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-0590.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/52212
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/52242Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2012/dsa-2628
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2013:106
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2013/02/18/2
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/58007
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0288
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/82175
af854a3a-2127-422b-91ae-364da2661108https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0071
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:18:09.878Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0288"
          },
          {
            "name": "RHSA-2013:0590",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0590.html"
          },
          {
            "name": "58007",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/58007"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690319"
          },
          {
            "name": "DSA-2628",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2628"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=7867b93f9a7c76b96f1571cddc1de0811134bb81"
          },
          {
            "name": "[oss-security] 20130218 CVE-2013-0288 nss-pam-ldapd: FD_SET array index error, leading to stack-based buffer overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2013/02/18/2"
          },
          {
            "name": "FEDORA-2013-2754",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099438.html"
          },
          {
            "name": "52212",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/52212"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=f266f05f20afe73e89c3946a7bd60bd7c5948e1b"
          },
          {
            "name": "52242",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/52242"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=abf03bc54032beeff95b1b8634cc005137e11f32"
          },
          {
            "name": "MDVSA-2013:106",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:106"
          },
          {
            "name": "[nss-pam-ldapd-announce] 20130218 nss-pam-ldapd security advisory (CVE-2013-0288)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.arthurdejong.org/nss-pam-ldapd-announce/2013/msg00001.html"
          },
          {
            "name": "nsspamldapd-fdsetsize-bo(82175)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82175"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0071"
          },
          {
            "name": "openSUSE-SU-2013:0522",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00087.html"
          },
          {
            "name": "openSUSE-SU-2013:0524",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00091.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "nss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code by performing a name lookup on an application with a large number of open file descriptors, which triggers a stack-based buffer overflow related to incorrect use of the FD_SET macro."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0288"
        },
        {
          "name": "RHSA-2013:0590",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0590.html"
        },
        {
          "name": "58007",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/58007"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690319"
        },
        {
          "name": "DSA-2628",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2628"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=7867b93f9a7c76b96f1571cddc1de0811134bb81"
        },
        {
          "name": "[oss-security] 20130218 CVE-2013-0288 nss-pam-ldapd: FD_SET array index error, leading to stack-based buffer overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2013/02/18/2"
        },
        {
          "name": "FEDORA-2013-2754",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099438.html"
        },
        {
          "name": "52212",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/52212"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=f266f05f20afe73e89c3946a7bd60bd7c5948e1b"
        },
        {
          "name": "52242",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/52242"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=abf03bc54032beeff95b1b8634cc005137e11f32"
        },
        {
          "name": "MDVSA-2013:106",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:106"
        },
        {
          "name": "[nss-pam-ldapd-announce] 20130218 nss-pam-ldapd security advisory (CVE-2013-0288)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.arthurdejong.org/nss-pam-ldapd-announce/2013/msg00001.html"
        },
        {
          "name": "nsspamldapd-fdsetsize-bo(82175)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82175"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0071"
        },
        {
          "name": "openSUSE-SU-2013:0522",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00087.html"
        },
        {
          "name": "openSUSE-SU-2013:0524",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00091.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2013-0288",
    "datePublished": "2013-03-04T21:00:00",
    "dateReserved": "2012-12-06T00:00:00",
    "dateUpdated": "2024-08-06T14:18:09.878Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-0288\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-03-05T21:38:55.680\",\"lastModified\":\"2024-11-21T01:47:14.050\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"nss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code by performing a name lookup on an application with a large number of open file descriptors, which triggers a stack-based buffer overflow related to incorrect use of the FD_SET macro.\"},{\"lang\":\"es\",\"value\":\"nss-pam-ldapd before v0.7.18 y v0.8.x anterior a v0.8.11  permite a atacantes dependientes de contexto provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo arbitrario realizando una b\u00fasqueda de nombre en una aplicaci\u00f3n con un gran n\u00famero de descriptores de archivos abiertos, lo cual provoca un desbordamiento de b\u00fafer basado en pila relacionada con el uso incorrecto de la macro \\\"FD_SET\\\".\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8A0F0A1-22BF-49ED-A30B-73B8CDE944FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8339A42-2F47-49ED-BEBA-D3FB979019D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AD7177E-DB13-42FE-A9E8-B5EBDFD7BEA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27FC4C3C-81EE-4AF4-BBFE-81DAD891AD44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DEEC0FF-FA8A-4FF1-AD32-3EFDFDC8BFC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84738050-FD3C-471B-91C3-BE1A081F4992\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA772BA6-C7D5-4D3A-89F7-67F76431DC85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F586048F-2C4D-4EDF-95EA-4AE8B856429B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B13CF6FE-E668-4A23-BB5F-92B8EB99D580\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CCEDFCE-16BB-4E09-9989-0029E9218D6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F228803F-F3C5-4EAB-8F0A-EC87936E02C3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.7.17\",\"matchCriteriaId\":\"282CB342-5F1B-4610-9B20-E7D0350169AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B5C5217-5A15-4214-8565-8772C7CE77E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E25F464-7D12-459E-94F6-79737AC5236D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5260A9F7-2D44-4B6F-9400-84BFF184AA67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"735C6629-0A0A-4410-B983-6D2BD838BD47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C8F18D3-17CB-404D-86DC-EAB6ED06FD63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23D83B1A-5064-4EB0-9FE4-00F8FF009777\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82420B2C-3642-4F11-A0AA-9E125F14CE27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"932005E5-BDDD-4985-812C-9894C2299C34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F57C39F-6CBC-4BB5-AE17-347D033DAB30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"053019E4-D2D2-4688-AAC2-D2BD44CF8A9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FFCE672-616D-447C-8037-8601D2F9AEB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD6807CA-E391-4AF1-9517-ADA1DF3F9A9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6B260B1-9532-4588-9D1F-420FB03AB86D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5861165B-11B0-47A3-B523-02219F812427\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8467A973-1C06-408F-8905-4A1685F1460C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDA00A4F-BCA4-4D85-843C-A8F541DE0430\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22D4E112-66E6-4679-A471-11182C96A1E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"457362A3-CF56-4BBF-8FC4-78CA65D10394\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"118E6469-682A-4AF6-9D68-94052CE9D2CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44DCA5C8-BED1-49EF-B977-C1FBE199CC9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75568060-1855-401F-AA57-D8181594743A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F13B3AF-6534-4D1E-82BC-955F2811E69C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88331004-3E43-41CB-9F75-EE2E66B40F02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C4B0B59-3F0A-4445-9B1E-7D2BE55A2893\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58B99408-3AEB-493A-A8ED-FF58279D3689\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B605D9E-E966-4734-8482-3647D6B5FF8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F13252A-4EC1-48D2-8CDF-7EBCA0E1E534\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09ABEA75-3C4D-4A0A-968C-399278503F03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC556A00-652E-474A-ABA2-117898DC8ADB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF32F990-1B4B-4BFC-9DB5-11B5B988E842\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C838B4FC-8F8F-4982-87C7-E8FAC23F349A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"147049EC-BE86-42B5-881A-307895551304\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9875EA63-CA67-436A-B637-E8F6A526517C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4238362D-B5AF-42F3-9587-FB803AFF3C79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A5C6441-E75A-400F-B7B0-A3E5843A3EC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21CCE081-0AA2-44DC-A91B-8B32BC156758\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1F9B185-5A72-41E0-A6EE-DEC388B8953E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEDDBAEE-D343-42ED-84BA-4CBE1042A78B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07A8A3A9-F56C-4928-8DB2-20E938780DB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F38DBC33-6790-4641-9C49-40B30D387885\"}]}]}],\"references\":[{\"url\":\"http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=7867b93f9a7c76b96f1571cddc1de0811134bb81\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=abf03bc54032beeff95b1b8634cc005137e11f32\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=f266f05f20afe73e89c3946a7bd60bd7c5948e1b\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690319\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.arthurdejong.org/nss-pam-ldapd-announce/2013/msg00001.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099438.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-03/msg00087.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-03/msg00091.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0590.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/52212\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/52242\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2012/dsa-2628\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:106\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2013/02/18/2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/58007\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0288\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/82175\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0071\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=7867b93f9a7c76b96f1571cddc1de0811134bb81\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=abf03bc54032beeff95b1b8634cc005137e11f32\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=f266f05f20afe73e89c3946a7bd60bd7c5948e1b\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690319\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.arthurdejong.org/nss-pam-ldapd-announce/2013/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099438.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-03/msg00087.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-03/msg00091.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0590.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/52212\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/52242\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2012/dsa-2628\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:106\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2013/02/18/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/58007\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0288\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/82175\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0071\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.