Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2006-5170

Опубликовано: 10 окт. 2006
Источник: nvd
CVSS2: 7.5
EPSS Низкий

Описание

pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to return a success code even if authentication has failed, as originally reported for xscreensaver.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:fedoraproject:fedora_core:*:*:*:*:*:*:*:*
Версия до core_3.0 (включая)
cpe:2.3:o:redhat:enterprise_linux:4.0:*:linux_kernel_2.6.9:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:4.0_s390:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:4.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*

EPSS

Процентиль: 85%
0.02563
Низкий

7.5 High

CVSS2

Дефекты

CWE-755

Связанные уязвимости

ubuntu логотип

CVE-2006-5170

ubuntu
почти 19 лет назад

pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to return a success code even if authentication has failed, as originally reported for xscreensaver.

redhat логотип

CVE-2006-5170

redhat
почти 19 лет назад

pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to return a success code even if authentication has failed, as originally reported for xscreensaver.

debian логотип

CVE-2006-5170

debian
почти 19 лет назад

pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and ...

github логотип

GHSA-3mcc-2cg8-vvjx

github
больше 3 лет назад

pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to return a success code even if authentication has failed, as originally reported for xscreensaver.

fstec логотип

BDU:2015-03073

fstec
почти 19 лет назад

Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 85%
0.02563
Низкий

7.5 High

CVSS2

Дефекты

CWE-755