Computer Security
[EN] securityvulns.ru no-pyccku


nss_ldap information leak
Published:26.11.2007
Source:
SecurityVulns ID:8377
Type:library
Threat Level:
5/10
Description:Race conditions in multithread applications.
Affected:NSSLDAP : nss_ldap 257
CVE:CVE-2007-5794 (Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.)
Original documentdocumentGENTOO, [ GLSA 200711-33 ] nss_ldap: Information disclosure (26.11.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod