PT-2007-1045 · Dovecot+3
Josh Bressers · Published 2007-11-13 · Updated 2018-10-15
CVE-2007-5794
CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions:
nss_ldap versions prior to 258
Description:
A race condition in nss_ldap might send user data to the wrong process because the LDAP connection is handled improperly. The issue can breach the confidentiality of protected information and can be exploited remotely. It was originally reported in applications that are linked against the pthread library and fork after a call to nss_ldap, such as Dovecot, where it caused the wrong mailboxes to be returned. Other applications might also be affected.
Recommendations:
For versions prior to 258, update to version 258 or later to resolve the issue.
As a temporary workaround, consider restricting the use of nss_ldap in applications that fork after a call to nss_ldap, to reduce the risk of exploitation.
Fix
Race Condition
Weakness Enumeration
Related Identifiers
Affected Products
Dovecot
Red Hat
Nss Ldap
Thread