Descriptionnss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code by performing a name lookup on an application with a large number of open file descriptors, which triggers a stack-based buffer overflow related to incorrect use of the FD_SET macro.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
SUSE Security Advisories:
- openSUSE-SU-2013:0522-1, published Fri, 22 Mar 2013 21:04:49 +0100 (CET)
- openSUSE-SU-2013:0522-2, published Fri, 22 Mar 2013 22:04:41 +0100 (CET)
- openSUSE-SU-2013:0524-1, published Fri, 22 Mar 2013 23:04:49 +0100 (CET)
SUSE Timeline for this CVECVE page created: Fri Jun 28 13:17:39 2013
CVE page last modified: Mon Feb 13 11:40:30 2023