Format string vulnerability in the logging() function in C-Note Squid LDAP authentication module (squid_auth_LDAP) 2.0.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code by triggering log messages.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| padl_software | nss_ldap | build_185.1 |
| padl_software | nss_ldap | build_183 |
| padl_software | nss_ldap | build_188 |
| c-note | squid_auth_ldap | 1.2_b2 |
| padl_software | nss_ldap | build_185.3 |
| padl_software | nss_ldap | build_181 |
| padl_software | nss_ldap | build_185.2 |
| padl_software | nss_ldap | build_180 |
| padl_software | nss_ldap | build_184 |
| c-note | squid_auth_ldap | 1.0.2_beta |
| padl_software | pam_ldap | build_143 |
| padl_software | nss_ldap | build_186 |
| padl_software | nss_ldap | build_185 |
| c-note | squid_auth_ldap | 1.0.1 |
| padl_software | nss_ldap | build_187 |
| padl_software | nss_ldap | build_189 |
| c-note | squid_auth_ldap | 2.0 |