Date: Wed, 09 Mar 2011 22:57:14 +0100 From: Arthur de Jong <arthur@...hurdejong.org> To: nss-pam-ldapd-announce <nss-pam-ldapd-announce@...ts.arthurdejong.org> Cc: oss-security@...ts.openwall.com Subject: nss-pam-ldapd security advisory (CVE-2011-0438) Russell Sim discovered a serious security vulnerability in development release 0.8.0 of nss-pam-ldapd that allows authentication with an incorrect password for local user accounts. The PAM module will erroneously return a success code when the user cannot be found in LDAP. Exploitability depends on the details of the PAM configuration but on systems that don't use the minimum_uid PAM option it may be possible to log in to any local account, including root. This problem only affects the 0.8.0 development release of nss-pam-ldapd. Earlier releases are not affected. This problem has been assigned CVE-2011-0438. More details are available at: http://arthurdejong.org/nss-pam-ldapd/news.html#20110309 Affected users are advised to apply the attached patch, upgrade to 0.8.1 (which will be released shortly), downgrade to 0.7.13 or disable nss-pam-ldapd's PAM module. -- -- arthur - arthur@...hurdejong.org - http://arthurdejong.org -- View attachment "nss-pam-ldapd-0.8.0-authentication-bypass-fix.patch" of type "text/x-patch" (424 bytes) Download attachment "signature.asc" of type "application/pgp-signature" (837 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.