CVE-2007-5794

EPSS 1.6%

libnss-ldap - information disclosure

發布日:2007/11/13修改日:2026/3/9

也稱為:DSA-1430-1DEBIAN-CVE-2007-5794

描述

Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.

受影響套件(2)

Debian/libnss-ldapfrom 0, < 256-1
Debian/libnss-ldapfrom 0, < 251-7.5etch1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-5794