FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

nss-pam-ldapd -- file descriptor buffer overflow

Affected packages
nss-pam-ldapd < 0.8.12

Details

VuXML ID 58c15292-7b61-11e2-95da-001e8c1a8a0e
Discovery 2013-02-18
Entry 2013-02-20

Garth Mollett reports:

A file descriptor overflow issue in the use of FD_SET() in nss-pam-ldapd can lead to a stack-based buffer overflow. An attacker could, under some circumstances, use this flaw to cause a process that has the NSS or PAM module loaded to crash or potentially execute arbitrary code.

References

CVE Name CVE-2013-0288