FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2005-2641

This CVE name corresponds to:

Entered Topic
2005-08-27 pam_ldap -- authentication bypass vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2005-2641 at cve.mitre.org

Details

Type Candidate
Name CVE-2005-2641
Phase Assigned(20050821)

Description

Unknown vulnerability in pam_ldap before 180 does not properly handle a new password policy control, which could allow attackers to gain privileges. NOTE: CVE-2005-2497 had also been assigned to this issue, but CVE-2005-2641 is the correct candidate.

References

Source Reference
BUGTRAQ 20061005 rPSA-2006-0183-1 nss_ldap
MISC https://www.redhat.com/archives/fedora-test-list/2005-August/msg00170.html
CONFIRM https://issues.rpath.com/browse/RPL-680
MANDRIVA MDKSA-2005:190
REDHAT RHSA-2005:767
CERT-VN VU#778916
BID 14649
OVAL oval:org.mitre.oval:def:10370
SECUNIA 17233
SECUNIA 17270

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.