CVE-2006-5170

pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to return a success code even if authentication has failed, as originally reported for xscreensaver.

Published: 2006-10-10 Last update: 2026-04-23 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2006-5170 is rated Moderate Risk (62.2/100): CVSS High severity, with medium exploitation likelihood (EPSS 4.35%). EPSS rose +1.16% over the last day, indicating growing attacker interest. Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2006-5170

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2025-12-28 3.19% 4.35% +1.16%
2 2025-12-27 4.35% 3.19% -1.16%
3 2025-10-28 4.35%

Full EPSS history (17 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2006-5170

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
7.5 2.0 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:P)
Partial availability impact.
 10.0 6.4 [email protected]

Weakness enumeration for CVE-2006-5170

OS Trackers for CVE-2006-5170

vendor priority summary link
alpine CVE-2006-5170: no source package rows; 0 state rows across 0 repos (none); fixed 0, open 0. https://security.alpinelinux.org/vuln/CVE-2006-5170
debian medium CVE-2006-5170 medium priority: Debian including 1 source packages (libpam-ldap), 1 status rows across 1 suites (bullseye): resolved 1. https://security-tracker.debian.org/tracker/CVE-2006-5170
gentoo low CVE-2006-5170: 1 GLSA(s) (200612-19), 1 atom(s) (sys-auth/pam_ldap); latest impact low. https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2006-5170
redhat medium https://access.redhat.com/security/cve/CVE-2006-5170
ubuntu medium CVE-2006-5170 medium priority: Ubuntu including 1 source packages (libpam-ldap), 4 status rows across 4 suites (dapper, edgy, feisty, upstream): released 3, needs-triage 1. https://ubuntu.com/security/CVE-2006-5170

Affected software / configurations for CVE-2006-5170

Vendor Product Version Raw CPE
fedoraproject fedora_core <= core_3.0 cpe:2.3:o:fedoraproject:fedora_core:*:*:*:*:*:*:*:*
redhat enterprise_linux 4.0 cpe:2.3:o:redhat:enterprise_linux:4.0:*:linux_kernel_2.6.9:*:*:*:*:*
redhat enterprise_linux 4.0 cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*
redhat enterprise_linux_desktop 4.0 cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
redhat enterprise_linux_for_ibm_z_systems 4.0_s390 cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:4.0_s390:*:*:*:*:*:*:*
redhat enterprise_linux_for_ibm_z_systems 4.0_s390x cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:4.0_s390x:*:*:*:*:*:*:*
redhat enterprise_linux_for_power_big_endian 4.0 cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:4.0:*:*:*:*:*:*:*
redhat enterprise_linux_server 4.0 cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*
redhat enterprise_linux_workstation 4.0 cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*
debian debian_linux 3.1 cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*

References for CVE-2006-5170

URL Tags
http://bugzilla.padl.com/show_bug.cgi?id=291 Broken Link Issue Tracking Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2006-0719.html Vendor Advisory
http://secunia.com/advisories/22682 Third Party Advisory
http://secunia.com/advisories/22685 Third Party Advisory
http://secunia.com/advisories/22694 Third Party Advisory
http://secunia.com/advisories/22696 Third Party Advisory
http://secunia.com/advisories/22869 Third Party Advisory
http://secunia.com/advisories/23132 Third Party Advisory
http://secunia.com/advisories/23428 Third Party Advisory
http://security.gentoo.org/glsa/glsa-200612-19.xml Vendor Advisory
http://securitytracker.com/id?1017153 Third Party Advisory VDB Entry
http://www.debian.org/security/2006/dsa-1203 Issue Tracking Patch Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:201 Third Party Advisory
http://www.novell.com/linux/security/advisories/2006_27_sr.html Broken Link Vendor Advisory
http://www.securityfocus.com/archive/1/447859/100/200/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/20880 Third Party Advisory VDB Entry
http://www.trustix.org/errata/2006/0061/ Broken Link Third Party Advisory
http://www.vupen.com/english/advisories/2006/4319 Third Party Advisory
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=207286 Issue Tracking Vendor Advisory
https://issues.rpath.com/browse/RPL-680 Broken Link Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10418 Third Party Advisory
cvelogic Threat Intelligence