| Summary: | <sys-auth/nss-pam-ldapd-0.8.11 : FD_SET array index error, leading to stack-based buffer overflow (CVE-2013-0288) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | trivial | CC: | prometheanfire |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://bugzilla.redhat.com/show_bug.cgi?id=909119 | ||
| Whiteboard: | ~2 [noglsa] | ||
| Package list: | Runtime testing required: | --- | |
patch doesn't apply against 0.8.12, asking for one or for a .13 release (emailed dev). On Mon, 2013-02-18 at 15:13 -0600, Matthew Thode wrote: > I was wondering if you had a patch that could be applied to 0.8.12 or if > 0.8.13 would be released any time soon because of the CVE. This doesn't > apply against 0.8.12 unfortunately. > > http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=7867b93f9a7c76b96f1571cddc1de0811134bb81 Both 0.8.11 and 0.8.12 are not vulnerable to this issue. This issue was found and fixed a while back and only later it was discovered to have security implications. Thanks, -- -- arthur - arthur@arthurdejong.org - http://arthurdejong.org -- invalid for the packages in tree? (In reply to comment #2) > invalid for the packages in tree? yes, is just to track the issue |
From ${URL} : An array index error, leading to stack-based buffer overflow flaw was found in the way nss-pam-ldapd, a PAM and nsswitch module which uses directory servers, performed management of file descriptors when performing file descriptors activity wait. An attacker could use this flaw to cause processes with a large number of opened file descriptors, that performed name lookups to crash or, potentially, execute arbitrary code with the privileges of the user running the process. Upstream advisory: [1] http://arthurdejong.org/nss-pam-ldapd/CVE-2013-0288