Summary: | sys-auth/nss_ldap allows trivial local-console access to locked accounts | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Matt Drew (RETIRED) <aetius> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | normal | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2641 | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Matt Drew (RETIRED)
2006-10-06 08:51:58 UTC
Thanks for the report. Since the stable version is not affected and has been stable for months, this does not appear to be worth a GLSA anymore. The older versions are also vulnerable to a different issue, so they really should be removed when possible, but this is handled in bug #140490. |