
Security Advisory Important: nss-pam-ldapd security update

Advisory: RHSA-2013:0590-1
Type: Security Advisory
Severity: Important
Issued on: 2013-03-04
Last updated on: 2013-03-04
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server AUS (v. 6.4)
Red Hat Enterprise Linux Server EUS (v. 6.4.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2013-0288

Details

Updated nss-pam-ldapd packages that fix one security issue are now
available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

The nss-pam-ldapd packages provide the nss-pam-ldapd daemon (nslcd), which
uses a directory server to look up name service information on behalf of a
lightweight nsswitch module.

An array index error, leading to a stack-based buffer overflow flaw, was
found in the way nss-pam-ldapd managed open file descriptors. An attacker
able to make a process have a large number of open file descriptors and
perform name lookups could use this flaw to cause the process to crash or,
potentially, execute arbitrary code with the privileges of the user running
the process. (CVE-2013-0288)
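
The class of bug described above, shown from the defensive side: FD_SET() writes into a fixed bitmap of FD_SETSIZE bits and does not range-check the descriptor, so a caller must either reject descriptors at or above FD_SETSIZE or use poll(). This is an added example, not code from nss-pam-ldapd or from the backported patch; the function names are assumptions made for illustration.

```c
/* Added example: bounds-checked select() and a poll() alternative. */
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <sys/resource.h>
#include <sys/select.h>
#include <unistd.h>

/* FD_SET(fd, &set) indexes a fixed bitmap of FD_SETSIZE bits and does no
 * range check itself, so the caller must reject descriptors outside it. */
static int fd_fits_fdset(int fd) { return fd >= 0 && fd < FD_SETSIZE; }

/* Returns 1 if readable, 0 on timeout, -1 on error (errno set). */
int wait_readable_select(int fd, int timeout_ms)
{
    fd_set rfds;
    struct timeval tv = { .tv_sec = timeout_ms / 1000, .tv_usec = (timeout_ms % 1000) * 1000 };

    if (!fd_fits_fdset(fd)) {   /* the guard: never index past the bitmap */
        errno = EINVAL;
        return -1;
    }
    FD_ZERO(&rfds);
    FD_SET(fd, &rfds);
    return select(fd + 1, &rfds, NULL, NULL, &tv);
}

/* poll() takes the descriptor by value, so it has no FD_SETSIZE ceiling. */
int wait_readable_poll(int fd, int timeout_ms)
{
    struct pollfd p = { .fd = fd, .events = POLLIN };
    int rc = poll(&p, 1, timeout_ms);
    if (rc > 0 && (p.revents & POLLNVAL)) { errno = EBADF; return -1; }
    return rc;
}

/* Demo helper: duplicate fd onto a number >= FD_SETSIZE, raising the soft
 * RLIMIT_NOFILE if the hard limit allows. Returns -1 if not possible. */
int dup_above_fdsetsize(int fd)
{
    struct rlimit rl;
    if (getrlimit(RLIMIT_NOFILE, &rl) == 0 && rl.rlim_cur <= (rlim_t)FD_SETSIZE) {
        rl.rlim_cur = rl.rlim_max > 4096 ? 4096 : rl.rlim_max;
        setrlimit(RLIMIT_NOFILE, &rl);
    }
    return fcntl(fd, F_DUPFD, FD_SETSIZE);
}
```

A process whose open-file limit exceeds FD_SETSIZE can be handed such descriptors at any time, which is why the check belongs at every FD_SET() call site rather than at startup.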

Red Hat would like to thank Garth Mollett for reporting this issue.

All users of nss-pam-ldapd are advised to upgrade to these updated
packages, which contain a backported patch to fix this issue.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm
File outdated by:  RHBA-2013:1146
    MD5: e03cb3090473e9bba1c798ecbce28f1b
SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
 
IA-32:
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 32b5ceba831030e77d4f60e3d02c706f
SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 53e16cf76fee7ac02cf19dcd40701fa6
SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
 
x86_64:
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 32b5ceba831030e77d4f60e3d02c706f
SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-0.7.5-18.1.el6_4.x86_64.rpm
File outdated by:  RHBA-2013:1146
    MD5: d656af77f2cd4a74bcc3b5bc32c7e3f3
SHA-256: b3d066efefc661577fe443ad3578a3123dcd720af645677a886e53f857955eab
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 53e16cf76fee7ac02cf19dcd40701fa6
SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.x86_64.rpm
File outdated by:  RHBA-2013:1146
    MD5: 8b0b8222fbcb6c32c25fc9b6fb914991
SHA-256: f1565b2de5878b34a4b4ff5d926450d9334904e141da3fef71236cf3cdea6078
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm
File outdated by:  RHBA-2013:1146
    MD5: e03cb3090473e9bba1c798ecbce28f1b
SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
 
x86_64:
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 32b5ceba831030e77d4f60e3d02c706f
SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-0.7.5-18.1.el6_4.x86_64.rpm
File outdated by:  RHBA-2013:1146
    MD5: d656af77f2cd4a74bcc3b5bc32c7e3f3
SHA-256: b3d066efefc661577fe443ad3578a3123dcd720af645677a886e53f857955eab
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 53e16cf76fee7ac02cf19dcd40701fa6
SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.x86_64.rpm
File outdated by:  RHBA-2013:1146
    MD5: 8b0b8222fbcb6c32c25fc9b6fb914991
SHA-256: f1565b2de5878b34a4b4ff5d926450d9334904e141da3fef71236cf3cdea6078
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm
File outdated by:  RHBA-2013:1146
    MD5: e03cb3090473e9bba1c798ecbce28f1b
SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
 
IA-32:
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 32b5ceba831030e77d4f60e3d02c706f
SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 53e16cf76fee7ac02cf19dcd40701fa6
SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
 
PPC:
nss-pam-ldapd-0.7.5-18.1.el6_4.ppc.rpm
File outdated by:  RHBA-2013:1146
    MD5: 433b064414cf5ef89ee1aec0f797a723
SHA-256: 6cd1aa45793e6458689ba074fcf1f8c6b806e12b5755a4f917b6a73bd8b71a01
nss-pam-ldapd-0.7.5-18.1.el6_4.ppc64.rpm
File outdated by:  RHBA-2013:1146
    MD5: 5b0d4a294fc4b7039e71e9a3898df27c
SHA-256: 0e9c85a8231c66d8e2423021f7985b5103ee1f9bd027f6c3fb5f9924685364c4
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.ppc.rpm
File outdated by:  RHBA-2013:1146
    MD5: 5608aed1eef4c41ffa93b9e933d8111e
SHA-256: 12d3f99cb9ea5fd618a44a11c5f4040dcc2978a8c7e3034e9a6ef9d10f52518e
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.ppc64.rpm
File outdated by:  RHBA-2013:1146
    MD5: 3b11833d30870a0fcfe3eb7b95a5c239
SHA-256: 4b711044c6c93baa82664e7d3102940ae345c27d681fd17937124b194a3e9aa3
 
s390x:
nss-pam-ldapd-0.7.5-18.1.el6_4.s390.rpm
File outdated by:  RHBA-2013:1146
    MD5: 056420ba31b0170ac74a5e2e2a3629aa
SHA-256: 7a01fa97fe3ac71742f6ae1f0528607cdac132d7dc5a4a0fac270ff9f7b01b20
nss-pam-ldapd-0.7.5-18.1.el6_4.s390x.rpm
File outdated by:  RHBA-2013:1146
    MD5: 154e3ce173472706f1d6033ece86fc5a
SHA-256: 101459d84657b8758fed0b180299f46d282ee837a08c7356fea7dca17ab62a3f
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.s390.rpm
File outdated by:  RHBA-2013:1146
    MD5: 8de46b5993d91650a197ace73bfee568
SHA-256: a7b2682690c23f84d7f99b0d9516ea7b805b97bf2ca74f2a5faa5721993f8651
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.s390x.rpm
File outdated by:  RHBA-2013:1146
    MD5: eb424e6cc2151f15f4d6a04af33ba6dd
SHA-256: 1d02b4523e5602a5d3ef2d34d3ca63fcc79d90e829cd9b53610a3b76bb25b728
 
x86_64:
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 32b5ceba831030e77d4f60e3d02c706f
SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-0.7.5-18.1.el6_4.x86_64.rpm
File outdated by:  RHBA-2013:1146
    MD5: d656af77f2cd4a74bcc3b5bc32c7e3f3
SHA-256: b3d066efefc661577fe443ad3578a3123dcd720af645677a886e53f857955eab
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 53e16cf76fee7ac02cf19dcd40701fa6
SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.x86_64.rpm
File outdated by:  RHBA-2013:1146
    MD5: 8b0b8222fbcb6c32c25fc9b6fb914991
SHA-256: f1565b2de5878b34a4b4ff5d926450d9334904e141da3fef71236cf3cdea6078
 
Red Hat Enterprise Linux Server AUS (v. 6.4)

SRPMS:
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm
File outdated by:  RHBA-2013:1146
    MD5: e03cb3090473e9bba1c798ecbce28f1b
SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
 
x86_64:
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 32b5ceba831030e77d4f60e3d02c706f
SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-0.7.5-18.1.el6_4.x86_64.rpm
File outdated by:  RHBA-2013:1146
    MD5: d656af77f2cd4a74bcc3b5bc32c7e3f3
SHA-256: b3d066efefc661577fe443ad3578a3123dcd720af645677a886e53f857955eab
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 53e16cf76fee7ac02cf19dcd40701fa6
SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.x86_64.rpm
File outdated by:  RHBA-2013:1146
    MD5: 8b0b8222fbcb6c32c25fc9b6fb914991
SHA-256: f1565b2de5878b34a4b4ff5d926450d9334904e141da3fef71236cf3cdea6078
 
Red Hat Enterprise Linux Server EUS (v. 6.4.z)

SRPMS:
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm
File outdated by:  RHBA-2013:1146
    MD5: e03cb3090473e9bba1c798ecbce28f1b
SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
 
IA-32:
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 32b5ceba831030e77d4f60e3d02c706f
SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 53e16cf76fee7ac02cf19dcd40701fa6
SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
 
PPC:
nss-pam-ldapd-0.7.5-18.1.el6_4.ppc.rpm
File outdated by:  RHBA-2013:1146
    MD5: 433b064414cf5ef89ee1aec0f797a723
SHA-256: 6cd1aa45793e6458689ba074fcf1f8c6b806e12b5755a4f917b6a73bd8b71a01
nss-pam-ldapd-0.7.5-18.1.el6_4.ppc64.rpm
File outdated by:  RHBA-2013:1146
    MD5: 5b0d4a294fc4b7039e71e9a3898df27c
SHA-256: 0e9c85a8231c66d8e2423021f7985b5103ee1f9bd027f6c3fb5f9924685364c4
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.ppc.rpm
File outdated by:  RHBA-2013:1146
    MD5: 5608aed1eef4c41ffa93b9e933d8111e
SHA-256: 12d3f99cb9ea5fd618a44a11c5f4040dcc2978a8c7e3034e9a6ef9d10f52518e
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.ppc64.rpm
File outdated by:  RHBA-2013:1146
    MD5: 3b11833d30870a0fcfe3eb7b95a5c239
SHA-256: 4b711044c6c93baa82664e7d3102940ae345c27d681fd17937124b194a3e9aa3
 
s390x:
nss-pam-ldapd-0.7.5-18.1.el6_4.s390.rpm
File outdated by:  RHBA-2013:1146
    MD5: 056420ba31b0170ac74a5e2e2a3629aa
SHA-256: 7a01fa97fe3ac71742f6ae1f0528607cdac132d7dc5a4a0fac270ff9f7b01b20
nss-pam-ldapd-0.7.5-18.1.el6_4.s390x.rpm
File outdated by:  RHBA-2013:1146
    MD5: 154e3ce173472706f1d6033ece86fc5a
SHA-256: 101459d84657b8758fed0b180299f46d282ee837a08c7356fea7dca17ab62a3f
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.s390.rpm
File outdated by:  RHBA-2013:1146
    MD5: 8de46b5993d91650a197ace73bfee568
SHA-256: a7b2682690c23f84d7f99b0d9516ea7b805b97bf2ca74f2a5faa5721993f8651
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.s390x.rpm
File outdated by:  RHBA-2013:1146
    MD5: eb424e6cc2151f15f4d6a04af33ba6dd
SHA-256: 1d02b4523e5602a5d3ef2d34d3ca63fcc79d90e829cd9b53610a3b76bb25b728
 
x86_64:
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 32b5ceba831030e77d4f60e3d02c706f
SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-0.7.5-18.1.el6_4.x86_64.rpm
File outdated by:  RHBA-2013:1146
    MD5: d656af77f2cd4a74bcc3b5bc32c7e3f3
SHA-256: b3d066efefc661577fe443ad3578a3123dcd720af645677a886e53f857955eab
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 53e16cf76fee7ac02cf19dcd40701fa6
SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.x86_64.rpm
File outdated by:  RHBA-2013:1146
    MD5: 8b0b8222fbcb6c32c25fc9b6fb914991
SHA-256: f1565b2de5878b34a4b4ff5d926450d9334904e141da3fef71236cf3cdea6078
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm
File outdated by:  RHBA-2013:1146
    MD5: e03cb3090473e9bba1c798ecbce28f1b
SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
 
IA-32:
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 32b5ceba831030e77d4f60e3d02c706f
SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 53e16cf76fee7ac02cf19dcd40701fa6
SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
 
x86_64:
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 32b5ceba831030e77d4f60e3d02c706f
SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-0.7.5-18.1.el6_4.x86_64.rpm
File outdated by:  RHBA-2013:1146
    MD5: d656af77f2cd4a74bcc3b5bc32c7e3f3
SHA-256: b3d066efefc661577fe443ad3578a3123dcd720af645677a886e53f857955eab
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm
File outdated by:  RHBA-2013:1146
    MD5: 53e16cf76fee7ac02cf19dcd40701fa6
SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.x86_64.rpm
File outdated by:  RHBA-2013:1146
    MD5: 8b0b8222fbcb6c32c25fc9b6fb914991
SHA-256: f1565b2de5878b34a4b4ff5d926450d9334904e141da3fef71236cf3cdea6078
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

909119 - CVE-2013-0288 nss-pam-ldapd: FD_SET array index error, leading to stack-based buffer overflow


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/