CVE-2013-0288 (GCVE-0-2013-0288)

Vulnerability from cvelistv5 – Published: 2013-03-04 21:00 – Updated: 2024-08-06 14:18
VLAI?
Summary
nss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code by performing a name lookup on an application with a large number of open file descriptors, which triggers a stack-based buffer overflow related to incorrect use of the FD_SET macro.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:18:09.878Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0288"
          },
          {
            "name": "RHSA-2013:0590",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0590.html"
          },
          {
            "name": "58007",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/58007"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690319"
          },
          {
            "name": "DSA-2628",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2628"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=7867b93f9a7c76b96f1571cddc1de0811134bb81"
          },
          {
            "name": "[oss-security] 20130218 CVE-2013-0288 nss-pam-ldapd: FD_SET array index error, leading to stack-based buffer overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2013/02/18/2"
          },
          {
            "name": "FEDORA-2013-2754",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099438.html"
          },
          {
            "name": "52212",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/52212"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=f266f05f20afe73e89c3946a7bd60bd7c5948e1b"
          },
          {
            "name": "52242",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/52242"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=abf03bc54032beeff95b1b8634cc005137e11f32"
          },
          {
            "name": "MDVSA-2013:106",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:106"
          },
          {
            "name": "[nss-pam-ldapd-announce] 20130218 nss-pam-ldapd security advisory (CVE-2013-0288)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.arthurdejong.org/nss-pam-ldapd-announce/2013/msg00001.html"
          },
          {
            "name": "nsspamldapd-fdsetsize-bo(82175)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82175"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0071"
          },
          {
            "name": "openSUSE-SU-2013:0522",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00087.html"
          },
          {
            "name": "openSUSE-SU-2013:0524",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00091.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "nss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code by performing a name lookup on an application with a large number of open file descriptors, which triggers a stack-based buffer overflow related to incorrect use of the FD_SET macro."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0288"
        },
        {
          "name": "RHSA-2013:0590",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0590.html"
        },
        {
          "name": "58007",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/58007"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690319"
        },
        {
          "name": "DSA-2628",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2628"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=7867b93f9a7c76b96f1571cddc1de0811134bb81"
        },
        {
          "name": "[oss-security] 20130218 CVE-2013-0288 nss-pam-ldapd: FD_SET array index error, leading to stack-based buffer overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2013/02/18/2"
        },
        {
          "name": "FEDORA-2013-2754",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099438.html"
        },
        {
          "name": "52212",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/52212"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=f266f05f20afe73e89c3946a7bd60bd7c5948e1b"
        },
        {
          "name": "52242",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/52242"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=abf03bc54032beeff95b1b8634cc005137e11f32"
        },
        {
          "name": "MDVSA-2013:106",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:106"
        },
        {
          "name": "[nss-pam-ldapd-announce] 20130218 nss-pam-ldapd security advisory (CVE-2013-0288)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.arthurdejong.org/nss-pam-ldapd-announce/2013/msg00001.html"
        },
        {
          "name": "nsspamldapd-fdsetsize-bo(82175)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82175"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0071"
        },
        {
          "name": "openSUSE-SU-2013:0522",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00087.html"
        },
        {
          "name": "openSUSE-SU-2013:0524",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00091.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2013-0288",
    "datePublished": "2013-03-04T21:00:00",
    "dateReserved": "2012-12-06T00:00:00",
    "dateUpdated": "2024-08-06T14:18:09.878Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-0288\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-03-05T21:38:55.680\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"nss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code by performing a name lookup on an application with a large number of open file descriptors, which triggers a stack-based buffer overflow related to incorrect use of the FD_SET macro.\"},{\"lang\":\"es\",\"value\":\"nss-pam-ldapd before v0.7.18 y v0.8.x anterior a v0.8.11  permite a atacantes dependientes de contexto provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo arbitrario realizando una b\u00fasqueda de nombre en una aplicaci\u00f3n con un gran n\u00famero de descriptores de archivos abiertos, lo cual provoca un desbordamiento de b\u00fafer basado en pila relacionada con el uso incorrecto de la macro \\\"FD_SET\\\".\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8A0F0A1-22BF-49ED-A30B-73B8CDE944FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8339A42-2F47-49ED-BEBA-D3FB979019D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AD7177E-DB13-42FE-A9E8-B5EBDFD7BEA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27FC4C3C-81EE-4AF4-BBFE-81DAD891AD44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DEEC0FF-FA8A-4FF1-AD32-3EFDFDC8BFC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84738050-FD3C-471B-91C3-BE1A081F4992\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA772BA6-C7D5-4D3A-89F7-67F76431DC85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F586048F-2C4D-4EDF-95EA-4AE8B856429B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B13CF6FE-E668-4A23-BB5F-92B8EB99D580\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CCEDFCE-16BB-4E09-9989-0029E9218D6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.8.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F228803F-F3C5-4EAB-8F0A-EC87936E02C3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.7.17\",\"matchCriteriaId\":\"282CB342-5F1B-4610-9B20-E7D0350169AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B5C5217-5A15-4214-8565-8772C7CE77E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E25F464-7D12-459E-94F6-79737AC5236D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5260A9F7-2D44-4B6F-9400-84BFF184AA67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"735C6629-0A0A-4410-B983-6D2BD838BD47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C8F18D3-17CB-404D-86DC-EAB6ED06FD63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23D83B1A-5064-4EB0-9FE4-00F8FF009777\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82420B2C-3642-4F11-A0AA-9E125F14CE27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"932005E5-BDDD-4985-812C-9894C2299C34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F57C39F-6CBC-4BB5-AE17-347D033DAB30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"053019E4-D2D2-4688-AAC2-D2BD44CF8A9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FFCE672-616D-447C-8037-8601D2F9AEB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD6807CA-E391-4AF1-9517-ADA1DF3F9A9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6B260B1-9532-4588-9D1F-420FB03AB86D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5861165B-11B0-47A3-B523-02219F812427\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8467A973-1C06-408F-8905-4A1685F1460C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDA00A4F-BCA4-4D85-843C-A8F541DE0430\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22D4E112-66E6-4679-A471-11182C96A1E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"457362A3-CF56-4BBF-8FC4-78CA65D10394\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"118E6469-682A-4AF6-9D68-94052CE9D2CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44DCA5C8-BED1-49EF-B977-C1FBE199CC9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75568060-1855-401F-AA57-D8181594743A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F13B3AF-6534-4D1E-82BC-955F2811E69C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.6.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88331004-3E43-41CB-9F75-EE2E66B40F02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C4B0B59-3F0A-4445-9B1E-7D2BE55A2893\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58B99408-3AEB-493A-A8ED-FF58279D3689\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B605D9E-E966-4734-8482-3647D6B5FF8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F13252A-4EC1-48D2-8CDF-7EBCA0E1E534\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09ABEA75-3C4D-4A0A-968C-399278503F03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC556A00-652E-474A-ABA2-117898DC8ADB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF32F990-1B4B-4BFC-9DB5-11B5B988E842\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C838B4FC-8F8F-4982-87C7-E8FAC23F349A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"147049EC-BE86-42B5-881A-307895551304\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9875EA63-CA67-436A-B637-E8F6A526517C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4238362D-B5AF-42F3-9587-FB803AFF3C79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A5C6441-E75A-400F-B7B0-A3E5843A3EC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21CCE081-0AA2-44DC-A91B-8B32BC156758\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1F9B185-5A72-41E0-A6EE-DEC388B8953E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEDDBAEE-D343-42ED-84BA-4CBE1042A78B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07A8A3A9-F56C-4928-8DB2-20E938780DB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arthurdejong:nss-pam-ldapd:0.7.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F38DBC33-6790-4641-9C49-40B30D387885\"}]}]}],\"references\":[{\"url\":\"http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=7867b93f9a7c76b96f1571cddc1de0811134bb81\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=abf03bc54032beeff95b1b8634cc005137e11f32\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=f266f05f20afe73e89c3946a7bd60bd7c5948e1b\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690319\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.arthurdejong.org/nss-pam-ldapd-announce/2013/msg00001.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099438.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-03/msg00087.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-03/msg00091.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0590.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/52212\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/52242\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2012/dsa-2628\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:106\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2013/02/18/2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/58007\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0288\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/82175\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0071\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=7867b93f9a7c76b96f1571cddc1de0811134bb81\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=abf03bc54032beeff95b1b8634cc005137e11f32\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=f266f05f20afe73e89c3946a7bd60bd7c5948e1b\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690319\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.arthurdejong.org/nss-pam-ldapd-announce/2013/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099438.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-03/msg00087.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-03/msg00091.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0590.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/52212\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/52242\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2012/dsa-2628\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:106\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2013/02/18/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/58007\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0288\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/82175\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0071\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.