CVE-2003-0734 — Libnss-ldap vulnerability

4 documents4 sources

Severity

10.0CRITICALNVD

EPSS

0.4%

top 38.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Libnss-ldap Debian Libpam-ldap Padl Software PAM Ldap

Timeline

PublishedOct 20

Latest updateApr 29

Description

Unknown vulnerability in the pam_filter mechanism in pam_ldap before version 162, when LDAP based authentication is being used, allows users to bypass host-based access restrictions and log onto the system.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

▶debiandebian/libnss-ldap< libnss-ldap 207-1 (bullseye)

▶debiandebian/libpam-ldap< libnss-ldap 207-1 (bullseye)

▶NVDpadl_software/pam_ldap162

🔴Vulnerability Details

GHSA

GHSA-5p76-qmmf-h53v: Unknown vulnerability in the pam_filter mechanism in pam_ldap before version 162, when LDAP based authentication is being used, allows users to bypass↗2022-04-29

▶

OSV

CVE-2003-0734: Unknown vulnerability in the pam_filter mechanism in pam_ldap before version 162, when LDAP based authentication is being used, allows users to bypass↗2003-10-20

▶

📋Vendor Advisories

Debian

CVE-2003-0734: libnss-ldap - Unknown vulnerability in the pam_filter mechanism in pam_ldap before version 162...↗2003

▶