Format string vulnerability in the logging function for the pam_ldap PAM LDAP module before version 144 allows attackers to execute arbitrary code via format strings in the configuration file name.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Pam_ldap | Padl_software | * | 144 (including) |