QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2007-5794

Back to search

CVE-2007-5794

Published: Nov 13, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.

VendorProductVersions

n/a

n/a

affected
n/a

References

28061
third-party-advisory
x_refsource_SECUNIA
27670
third-party-advisory
x_refsource_SECUNIA
29083
third-party-advisory
x_refsource_SECUNIA
GLSA-200711-33
vendor-advisory
x_refsource_GENTOO
20080212 FLEA-2008-0003-1 nss_ldap
mailing-list
x_refsource_BUGTRAQ
oval:org.mitre.oval:def:10625
vdb-entry
signature
x_refsource_OVAL
27768
third-party-advisory
x_refsource_SECUNIA
26452
vdb-entry
x_refsource_BID
27839
third-party-advisory
x_refsource_SECUNIA
RHSA-2008:0389
vendor-advisory
x_refsource_REDHAT
MDVSA-2008:049
vendor-advisory
x_refsource_MANDRIVA
30352
third-party-advisory
x_refsource_SECUNIA
31227
third-party-advisory
x_refsource_SECUNIA
DSA-1430
vendor-advisory
x_refsource_DEBIAN
31524
third-party-advisory
x_refsource_SECUNIA
1020088
vdb-entry
x_refsource_SECTRACK
RHSA-2008:0715
vendor-advisory
x_refsource_REDHAT
28838
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2008:003
vendor-advisory
x_refsource_SUSE
nssldap-ldap-race-condition(38505)
vdb-entry
x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now