Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 24 Mar 2009 21:05:49 -0400 (EDT)
From: "Steven M. Christey" <>
cc: "Steven M. Christey" <>
Subject: Re: CVE request -- ucd-snmp / net-snmp, libnss-ldapd
 / nss_ldap

On Tue, 24 Mar 2009, Vincent Danen wrote:

> * [2009-03-23 13:21:42 +0100] Jan Lieskovsky wrote:
> >2, libnss-ldapd / nss_ldap: LDAP service configuration file
> >                                 shipped with world readable permissions
> >   References:
> >
> >
> On a side note, this is pretty specific to libnss-ldapd and not so much
> nss_ldap.

So, the various bug reports and followups list:


Which package is actually affected and what versions might they be?

Use CVE-2009-1073, to be filled in once I have some more detail.

- Steve

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.