CVE-2006-7191

EPSS 0.07%

ldap-account-manager

Published: 4/3/2007Modified: 4/28/2026

Also known as:DEBIAN-CVE-2006-7191

Description

Untrusted search path vulnerability in lamdaemon.pl in LDAP Account Manager (LAM) before 1.0.0 allows local users to gain privileges via a modified PATH that points to a malicious rm program.

Affected packages (2)

Debian/ldap-account-managerfrom 0, < 1.0.0-1
Debian/ldap-account-managerfrom 0, < 0.4.9-2sarge1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-7191