Vulnerabilities (CVE)

Filtered by vendor Arthurdejong Subscribe
Filtered by product Nss-pam-ldapd
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-0288 1 Arthurdejong 1 Nss-pam-ldapd 2024-11-21 6.8 MEDIUM N/A
nss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code by performing a name lookup on an application with a large number of open file descriptors, which triggers a stack-based buffer overflow related to incorrect use of the FD_SET macro.
CVE-2011-0438 1 Arthurdejong 1 Nss-pam-ldapd 2024-11-21 6.8 MEDIUM N/A
nslcd/pam.c in the nss-pam-ldapd 0.8.0 PAM module returns a success code when a user is not found in LDAP, which allows remote attackers to bypass authentication.