aru Posted September 3, 2003 Report Share Posted September 3, 2003 MandrakeSoft Security Advisory MDKSA-2003:088 : pam_ldap September 2nd, 2003 Updated pam_ldap packages fix vulnerability with pam filtering A bug was fixed in pam_ldap 162 with the pam_filter mechanism which is commonly used for host-based access restriction in environments using LDAP for authentication. Mandrake Linux 9.1 provided pam_ldap 161 which had this problem and as a result, systems relying on pam_filter for host-based access restriction would allow any user, regardless of the host attribute associated with their account, to log into the system. All users who use LDAP-based authentication are encouraged to upgrade immediately. The released versions of Mandrake GNU/Linux affected are: Full information about this advisory, including the updated packages, is available at: www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:088 Posted automatically by aru (mdksec2mub v0.0.6) Link to comment Share on other sites More sharing options...
Recommended Posts