CVE-2013-0288

nss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code by performing a name lookup on an application with a large number of open file descriptors, which triggers a stack-based buffer overflow related to incorrect use of the FD_SET macro.
Severity: UNKNOWN
AV:N/AC:M/Au:N/C:P/I:P/A:P
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
| Vendor | Product | Version |
|---|---|---|
| arthurdejong | nss-pam-ldapd | 0.8.0 |
| arthurdejong | nss-pam-ldapd | 0.8.1 |
| arthurdejong | nss-pam-ldapd | 0.8.2 |
| arthurdejong | nss-pam-ldapd | 0.8.3 |
| arthurdejong | nss-pam-ldapd | 0.8.4 |
| arthurdejong | nss-pam-ldapd | 0.8.5 |
| arthurdejong | nss-pam-ldapd | 0.8.6 |
| arthurdejong | nss-pam-ldapd | 0.8.7 |
| arthurdejong | nss-pam-ldapd | 0.8.8 |
| arthurdejong | nss-pam-ldapd | 0.8.9 |
| arthurdejong | nss-pam-ldapd | 0.8.10 |
| arthurdejong | nss-pam-ldapd | 𝑥 ≤ 0.7.17 |
| arthurdejong | nss-pam-ldapd | 0.1 |
| arthurdejong | nss-pam-ldapd | 0.2 |
| arthurdejong | nss-pam-ldapd | 0.2.1 |
| arthurdejong | nss-pam-ldapd | 0.3 |
| arthurdejong | nss-pam-ldapd | 0.4 |
| arthurdejong | nss-pam-ldapd | 0.4.1 |
| arthurdejong | nss-pam-ldapd | 0.5 |
| arthurdejong | nss-pam-ldapd | 0.6 |
| arthurdejong | nss-pam-ldapd | 0.6.0 |
| arthurdejong | nss-pam-ldapd | 0.6.1 |
| arthurdejong | nss-pam-ldapd | 0.6.2 |
| arthurdejong | nss-pam-ldapd | 0.6.3 |
| arthurdejong | nss-pam-ldapd | 0.6.4 |
| arthurdejong | nss-pam-ldapd | 0.6.5 |
| arthurdejong | nss-pam-ldapd | 0.6.6 |
| arthurdejong | nss-pam-ldapd | 0.6.7 |
| arthurdejong | nss-pam-ldapd | 0.6.7.1 |
| arthurdejong | nss-pam-ldapd | 0.6.7.2 |
| arthurdejong | nss-pam-ldapd | 0.6.8 |
| arthurdejong | nss-pam-ldapd | 0.6.9 |
| arthurdejong | nss-pam-ldapd | 0.6.10 |
| arthurdejong | nss-pam-ldapd | 0.6.11 |
| arthurdejong | nss-pam-ldapd | 0.6.12 |
| arthurdejong | nss-pam-ldapd | 0.7.0 |
| arthurdejong | nss-pam-ldapd | 0.7.1 |
| arthurdejong | nss-pam-ldapd | 0.7.2 |
| arthurdejong | nss-pam-ldapd | 0.7.3 |
| arthurdejong | nss-pam-ldapd | 0.7.4 |
| arthurdejong | nss-pam-ldapd | 0.7.5 |
| arthurdejong | nss-pam-ldapd | 0.7.6 |
| arthurdejong | nss-pam-ldapd | 0.7.7 |
| arthurdejong | nss-pam-ldapd | 0.7.8 |
| arthurdejong | nss-pam-ldapd | 0.7.9 |
| arthurdejong | nss-pam-ldapd | 0.7.10 |
| arthurdejong | nss-pam-ldapd | 0.7.11 |
| arthurdejong | nss-pam-ldapd | 0.7.12 |
| arthurdejong | nss-pam-ldapd | 0.7.13 |
| arthurdejong | nss-pam-ldapd | 0.7.14 |
| arthurdejong | nss-pam-ldapd | 0.7.15 |
| arthurdejong | nss-pam-ldapd | 0.7.16 |

𝑥 = Vulnerable software versions
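Debian Releases

| Debian Product | Codename | Version | Status |
|---|---|---|---|
| nss-pam-ldapd | bullseye | 0.9.11-1 | fixed |
| nss-pam-ldapd | bookworm | 0.9.12-4 | fixed |
| nss-pam-ldapd | sid | 0.9.12-9 | fixed |
| nss-pam-ldapd | trixie | 0.9.12-9 | fixed |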
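Ubuntu Releases

| Ubuntu Product | Codename | Version | Status |
|---|---|---|---|
| nss-pam-ldapd | trusty | | not-affected |
| nss-pam-ldapd | saucy | | ignored |
| nss-pam-ldapd | raring | | ignored |
| nss-pam-ldapd | quantal | | ignored |
| nss-pam-ldapd | precise | Fixed 0.8.4ubuntu0.3 | released |
| nss-pam-ldapd | oneiric | | ignored |
| nss-pam-ldapd | lucid | | ignored |
| nss-pam-ldapd | hardy | | dne |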