PublicDate: 2006-10-10 04:06:00 UTC
Candidate: CVE-2006-5170
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5170
Description:
 pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and
 earlier, and possibly other distributions does not return an error
 condition when an LDAP directory server responds with a
 PasswordPolicyResponse control response, which causes the pam_authenticate
 function to return a success code even if authentication has failed, as
 originally reported for xscreensaver.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_libpam-ldap: released (180-1ubuntu0.6.06)
edgy_libpam-ldap: released (180-1ubuntu0.6.10)
feisty_libpam-ldap: released (180-1.7)
devel_libpam-ldap: released (180-1.7)
upstream_libpam-ldap: needs-triage