pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, do not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and allows remote attackers to sniff the password.
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Nss_ldap | Padl | - (including) | - (including) |
| Pam_ldap | Padl | - (including) | - (including) |
| Red Hat Enterprise Linux 3 | RedHat | nss_ldap-0:207-17 | * |
| Red Hat Enterprise Linux 3 | RedHat | openldap-0:2.0.27-20 | * |
| Red Hat Enterprise Linux 4 | RedHat | nss_ldap-0:226-10 | * |
| Red Hat Enterprise Linux 4 | RedHat | openldap-0:2.2.13-4 | * |
| Libnss-ldap | Ubuntu | dapper | * |
| Libnss-ldap | Ubuntu | edgy | * |
| Libnss-ldap | Ubuntu | feisty | * |
| Openldap2 | Ubuntu | dapper | * |
| Openldap2 | Ubuntu | devel | * |
| Openldap2 | Ubuntu | edgy | * |
| Openldap2 | Ubuntu | feisty | * |
| Openldap2.2 | Ubuntu | dapper | * |
| Openldap2.2 | Ubuntu | edgy | * |
| Openldap2.3 | Ubuntu | devel | * |
| Openldap2.3 | Ubuntu | feisty | * |