Russell Sim

**Name of the Vulnerable Software and Affected Versions** nss-pam-ldapd version 0.8.0 **Description** The issue is related to the PAM module `nslcd/pam.c` in nss-pam-ldapd, which returns a success code when a user is not found in LDAP. This allows a remote attacker to bypass the authentication procedure. **Recommendations** For version 0.8.0, consider disabling the `nslcd/pam.c` PAM module until a patch is available to prevent remote attackers from bypassing authentication. Restrict access to the LDAP server to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.