[Full-disclosure] FLEA-2008-0003-1 nss_ldap



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Foresight Linux Essential Advisory: 2008-0003-1
Published: 2008-02-11

Rating: Minor

Updated Versions:
nss_ldap=/conary.rpath.com@rpl:devel//1/239-9.2-1
group-dist=/foresight.rpath.org@fl:1-devel//1/1.4.2-0.7-3

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5794
http://wiki.rpath.com/Advisories:rPSA-2007-0255

Description:
Previous versions of nss_ldap contain a race condition that can allow
nss_ldap to return the wrong information, allowing for the possibility of
improper information disclosure.

- ---

Copyright 2008 Foresight Linux Project
This file is distributed under the terms of the MIT License.
A copy is available at http://www.foresightlinux.org/permanent/mit-license.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.8 (GNU/Linux)

iQIcBAEBAgAGBQJHsVi/AAoJENfwEn07iAtZLs0QAM1moc22EEiI9KjFJF1IuBb9
0liRnLyVsWBHzYOqAIlvPFhzUfMvODJs+9L1UnwKEXidkBUWcwLh6a6A6Um5cQWv
r6f+R/HHutcWuVfOv5W0rv6j16sdvpbIxiB3mgEiHR3hP8HGHcN9e5xAPVRqT1eF
z0DlEsZrp++fhLMn7vU3dRN0sUFr3S2WqJvQnZbKADGLXQs2lBqE4nLqPOL/UqAK
IkFjJL0A7A5JeI3npqHQIRpCNhYWmZCvi/ulzFvMQmXOJ47K/hfESJoanG95aVPb
z4w3eammw27HMakYD+YFhrx80TlAKX5VRC4vhzDoqe8Fs5g9gPp9JmOclh7/+EHE
/ENu1H0haVROOZofgWr9YHXCXEiV2WOuVdSoo6DYGqnWasEV0cBVGJZChz/Ho2KK
tfFhs7BHjd0Z12SZFwbgkzsnkcvgn/3yG2YlbT67Sbfpo4gxplRL9JlNP1rH/2kP
or8V7l1Id/BgtLdash9Q9WcnpQAAnCq+jEiz5nA7PWURw7QNjv3ssy6Akg5kfkEZ
V05vs1RNGbJefq2mcKcxLwRLHhPFRiGQMfS5a0+Ta/wD0Xz8qrYuISb38TBerrEA
ZCbvVyecuzXodT4DFVIwwEQaLj9jYjJB8xYYSrCbPjIUJmU956+Nf2XzlXLCFekG
A3nNY7P+qVgGGxUnbfKq
=CK6W
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • FLEA-2008-0003-1 nss_ldap
    ... Rating: Minor ... Previous versions of nss_ldap contain a race condition that can allow ... improper information disclosure. ... Copyright 2008 Foresight Linux Project ...
    (Bugtraq)
  • [Full-disclosure] FLEA-2007-0023-1: firefox
    ... Rating: Major ... Previous versions of the firefox package are vulnerable to several types of ... Copyright 2007 Foresight Linux Project ... Portions Copyright 2007 rPath, Inc. ...
    (Full-Disclosure)
  • [Full-disclosure] FLEA-2007-0033-1: firefox thunderbird
    ... Rating: Major ... Previous versions of the firefox and thunderbird packages are ... Copyright 2007 Foresight Linux Project ...
    (Full-Disclosure)
  • [Full-disclosure] FLEA-2008-0006-1 tetex tetex-dvips tetex-fonts
    ... Foresight Linux Essential Advisory: 2008-0006-1 ... Rating: Minor ... Previous versions of the tetex package are vulnerable to multiple issues, ... Copyright 2008 Foresight Linux Project ...
    (Full-Disclosure)
  • [Full-disclosure] FLEA-2007-0057-1 pidgin
    ... Foresight Linux Essential Advisory: 2007-0057-1 ... Rating: Minor ... Previous versions of the pidgin package are vulnerable to a Denial of ... Copyright 2007 Foresight Linux Project ...
    (Full-Disclosure)