Launchpad CVE tracker

CVE 2013-0288

nss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code by performing a name lookup on an application with a large number of open file descriptors, which triggers a stack-based buffer overflow related to incorrect use of the FD_SET macro.

Related bugs and status

CVE-2013-0288 (Candidate) is related to these bugs:

Bug #1343345: Buffer overflow running busy server on precise

Summary				In	Importance	Status
	1343345	Buffer overflow running busy server on precise		nss-pam-ldapd (Ubuntu)	Undecided	Incomplete

Bug #1347614: Fix for CVE-2013-0288 in precise package

Summary				In	Importance	Status
	1347614	Fix for CVE-2013-0288 in precise package		nss-pam-ldapd (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://bugs.debian.org...
MISC: https://bugzilla.redha...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.securityfoc...
MISC: http://www.debian.org/...
MISC: http://lists.fedorapro...
MISC: http://www.mandriva.co...
MISC: http://rhn.redhat.com/...
MISC: http://lists.arthurdej...
MISC: http://www.openwall.co...
MISC: http://arthurdejong.or...
MISC: http://arthurdejong.or...
MISC: http://arthurdejong.or...
MISC: https://wiki.mageia.or...
MISC: https://exchange.xforc...
MISC: http://lists.opensuse....
MISC: http://lists.opensuse....

Launchpad.net

CVE 2013-0288

Related bugs and status

Related bugs

References