Unrated severityNVD Advisory· Published Jun 30, 2005· Updated Apr 16, 2026
CVE-2005-2069
CVE-2005-2069
Description
pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and allows remote attackers to sniff the password.
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
20- bugzilla.padl.com/show_bug.cginvdIssue TrackingPatchVendor Advisory
- www.openldap.org/its/index.cgi/IncomingnvdPatchVendor Advisory
- bugs.gentoo.org/show_bug.cginvdThird Party Advisory
- bugzilla.padl.com/show_bug.cginvdIssue TrackingVendor Advisory
- secunia.com/advisories/17233nvdThird Party Advisory
- secunia.com/advisories/17845nvdThird Party Advisory
- secunia.com/advisories/21520nvdThird Party Advisory
- support.avaya.com/elmodocs2/security/ASA-2006-157.htmnvdThird Party Advisory
- www.gentoo.org/security/en/glsa/glsa-200507-13.xmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2005-751.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2005-767.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/14125nvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/14126nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/usn-152-1nvdThird Party Advisory
- wwwnew.mandriva.com/security/advisoriesnvdThird Party Advisory
- bugzilla.redhat.com/bugzilla/show_bug.cginvdIssue TrackingThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/21245nvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9445nvdThird Party Advisory
- archives.neohapsis.com/archives/fulldisclosure/2005-07/0060.htmlnvdBroken Link
- www.osvdb.org/17692nvdBroken Link
News mentions
0No linked articles in our index yet.