RHSA-2013:0590 - Security Advisory

Overview
Updated Packages

Synopsis

Important: nss-pam-ldapd security update

Type/Severity

Security Advisory: Important

Topic

Updated nss-pam-ldapd packages that fix one security issue are now
available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

Description

The nss-pam-ldapd packages provide the nss-pam-ldapd daemon (nslcd), which
uses a directory server to lookup name service information on behalf of a
lightweight nsswitch module.

An array index error, leading to a stack-based buffer overflow flaw, was
found in the way nss-pam-ldapd managed open file descriptors. An attacker
able to make a process have a large number of open file descriptors and
perform name lookups could use this flaw to cause the process to crash or,
potentially, execute arbitrary code with the privileges of the user running
the process. (CVE-2013-0288)

Red Hat would like to thank Garth Mollett for reporting this issue.

All users of nss-pam-ldapd are advised to upgrade to these updated
packages, which contain a backported patch to fix this issue.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Affected Products

Red Hat Enterprise Linux Server 6 x86_64
Red Hat Enterprise Linux Server 6 i386
Red Hat Enterprise Linux Server - Extended Update Support 6.4 x86_64
Red Hat Enterprise Linux Server - Extended Update Support 6.4 i386
Red Hat Enterprise Linux Workstation 6 x86_64
Red Hat Enterprise Linux Desktop 6 x86_64
Red Hat Enterprise Linux Desktop 6 i386
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 6.4 s390x
Red Hat Enterprise Linux for Power, big endian 6 ppc64
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 6.4 ppc64
Red Hat Enterprise Linux for Scientific Computing 6 x86_64
Red Hat Enterprise Linux Server from RHUI 6 x86_64
Red Hat Enterprise Linux Server from RHUI 6 i386
Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.4 x86_64
Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.4 i386
Red Hat Gluster Storage Server for On-premise 2.1 x86_64
Red Hat Storage for Public Cloud (via RHUI) 2.1 x86_64
Red Hat Enterprise Linux Server - AUS 6.4 x86_64
Red Hat Enterprise Linux Workstation 6 i386
Red Hat Enterprise Linux for IBM z Systems 6 s390x

Fixes

BZ - 909119 - CVE-2013-0288 nss-pam-ldapd: FD_SET array index error, leading to stack-based buffer overflow

CVEs

CVE-2013-0288

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 6

SRPM
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm	SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
x86_64
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm	SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: b3d066efefc661577fe443ad3578a3123dcd720af645677a886e53f857955eab
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm	SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: f1565b2de5878b34a4b4ff5d926450d9334904e141da3fef71236cf3cdea6078
i386
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm	SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm	SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d

Red Hat Enterprise Linux Server - Extended Update Support 6.4

SRPM
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm	SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
x86_64
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm	SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: b3d066efefc661577fe443ad3578a3123dcd720af645677a886e53f857955eab
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm	SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: f1565b2de5878b34a4b4ff5d926450d9334904e141da3fef71236cf3cdea6078
i386
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm	SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm	SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d

Red Hat Enterprise Linux Server - AUS 6.4

SRPM
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm	SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
x86_64
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm	SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: b3d066efefc661577fe443ad3578a3123dcd720af645677a886e53f857955eab
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm	SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: f1565b2de5878b34a4b4ff5d926450d9334904e141da3fef71236cf3cdea6078

Red Hat Enterprise Linux Workstation 6

SRPM
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm	SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
x86_64
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm	SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: b3d066efefc661577fe443ad3578a3123dcd720af645677a886e53f857955eab
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm	SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: f1565b2de5878b34a4b4ff5d926450d9334904e141da3fef71236cf3cdea6078
i386
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm	SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm	SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d

Red Hat Enterprise Linux Desktop 6

SRPM
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm	SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
x86_64
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm	SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: b3d066efefc661577fe443ad3578a3123dcd720af645677a886e53f857955eab
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm	SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: f1565b2de5878b34a4b4ff5d926450d9334904e141da3fef71236cf3cdea6078
i386
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm	SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm	SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d

Red Hat Enterprise Linux for IBM z Systems 6

SRPM
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm	SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
s390x
nss-pam-ldapd-0.7.5-18.1.el6_4.s390.rpm	SHA-256: 7a01fa97fe3ac71742f6ae1f0528607cdac132d7dc5a4a0fac270ff9f7b01b20
nss-pam-ldapd-0.7.5-18.1.el6_4.s390x.rpm	SHA-256: 101459d84657b8758fed0b180299f46d282ee837a08c7356fea7dca17ab62a3f
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.s390.rpm	SHA-256: a7b2682690c23f84d7f99b0d9516ea7b805b97bf2ca74f2a5faa5721993f8651
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.s390x.rpm	SHA-256: 1d02b4523e5602a5d3ef2d34d3ca63fcc79d90e829cd9b53610a3b76bb25b728

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 6.4

SRPM
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm	SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
s390x
nss-pam-ldapd-0.7.5-18.1.el6_4.s390.rpm	SHA-256: 7a01fa97fe3ac71742f6ae1f0528607cdac132d7dc5a4a0fac270ff9f7b01b20
nss-pam-ldapd-0.7.5-18.1.el6_4.s390x.rpm	SHA-256: 101459d84657b8758fed0b180299f46d282ee837a08c7356fea7dca17ab62a3f
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.s390.rpm	SHA-256: a7b2682690c23f84d7f99b0d9516ea7b805b97bf2ca74f2a5faa5721993f8651
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.s390x.rpm	SHA-256: 1d02b4523e5602a5d3ef2d34d3ca63fcc79d90e829cd9b53610a3b76bb25b728

Red Hat Enterprise Linux for Power, big endian 6

SRPM
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm	SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
ppc64
nss-pam-ldapd-0.7.5-18.1.el6_4.ppc.rpm	SHA-256: 6cd1aa45793e6458689ba074fcf1f8c6b806e12b5755a4f917b6a73bd8b71a01
nss-pam-ldapd-0.7.5-18.1.el6_4.ppc64.rpm	SHA-256: 0e9c85a8231c66d8e2423021f7985b5103ee1f9bd027f6c3fb5f9924685364c4
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.ppc.rpm	SHA-256: 12d3f99cb9ea5fd618a44a11c5f4040dcc2978a8c7e3034e9a6ef9d10f52518e
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.ppc64.rpm	SHA-256: 4b711044c6c93baa82664e7d3102940ae345c27d681fd17937124b194a3e9aa3

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 6.4

SRPM
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm	SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
ppc64
nss-pam-ldapd-0.7.5-18.1.el6_4.ppc.rpm	SHA-256: 6cd1aa45793e6458689ba074fcf1f8c6b806e12b5755a4f917b6a73bd8b71a01
nss-pam-ldapd-0.7.5-18.1.el6_4.ppc64.rpm	SHA-256: 0e9c85a8231c66d8e2423021f7985b5103ee1f9bd027f6c3fb5f9924685364c4
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.ppc.rpm	SHA-256: 12d3f99cb9ea5fd618a44a11c5f4040dcc2978a8c7e3034e9a6ef9d10f52518e
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.ppc64.rpm	SHA-256: 4b711044c6c93baa82664e7d3102940ae345c27d681fd17937124b194a3e9aa3

Red Hat Enterprise Linux for Scientific Computing 6

SRPM
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm	SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
x86_64
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm	SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: b3d066efefc661577fe443ad3578a3123dcd720af645677a886e53f857955eab
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm	SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: f1565b2de5878b34a4b4ff5d926450d9334904e141da3fef71236cf3cdea6078

Red Hat Enterprise Linux Server from RHUI 6

SRPM
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm	SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
x86_64
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm	SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: b3d066efefc661577fe443ad3578a3123dcd720af645677a886e53f857955eab
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm	SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: f1565b2de5878b34a4b4ff5d926450d9334904e141da3fef71236cf3cdea6078
i386
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm	SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm	SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d

Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.4

SRPM
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm	SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
x86_64
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm	SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: b3d066efefc661577fe443ad3578a3123dcd720af645677a886e53f857955eab
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm	SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: f1565b2de5878b34a4b4ff5d926450d9334904e141da3fef71236cf3cdea6078
i386
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm	SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm	SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d

Red Hat Gluster Storage Server for On-premise 2.1

SRPM
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm	SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
x86_64
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm	SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: b3d066efefc661577fe443ad3578a3123dcd720af645677a886e53f857955eab
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm	SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: f1565b2de5878b34a4b4ff5d926450d9334904e141da3fef71236cf3cdea6078

Red Hat Storage for Public Cloud (via RHUI) 2.1

SRPM
nss-pam-ldapd-0.7.5-18.1.el6_4.src.rpm	SHA-256: f4497590d6ac08bad978029a91ec91af910472e1bab68dec1ae56994999bfe40
x86_64
nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm	SHA-256: 047992238061456003775aa230582d85a633183e1c19b7590741edaa28c5b951
nss-pam-ldapd-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: b3d066efefc661577fe443ad3578a3123dcd720af645677a886e53f857955eab
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.i686.rpm	SHA-256: f83fcfa9c072da101e02c8c4c742880d47512bb77ee4180fc12dab796641dc3d
nss-pam-ldapd-debuginfo-0.7.5-18.1.el6_4.x86_64.rpm	SHA-256: f1565b2de5878b34a4b4ff5d926450d9334904e141da3fef71236cf3cdea6078

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.