SuSE9 Security Update : pam_ldap (YOU Patch Number 11259)
High Nessus Plugin ID 41103
SynopsisThe remote SuSE 9 host is missing a security-related patch.
Descriptionpam_ldap in nss_ldap does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to return a success code even if authentication has failed, as originally reported for xscreensaver. (CVE-2006-5170)
SolutionApply YOU patch number 11259.