Below is a list of vulnerabilities and exposures in PADL open source software as noted by the MITRE Common Vulnerabilties and Exposures (CVE) list. (Some vulnerabilities are candidates for inclusion only.)
CAN-2005-2641: Logic error in pam_ldap that can let an unauthenticated user logon when password policy control is in use.
CAN-2002-0825: Buffer overflow in the DNS SRV code for nss_ldap before nss_ldap-198 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CAN-2002-0374: Format string vulnerability in the logging function for the pam_ldap PAM LDAP module before version 144 allows attackers to execute arbitrary code via format strings in the configuration file name.
CVE-2000-1045: nss_ldap earlier than 121, when run with nscd (name service caching daemon), allows remote attackers to cause a denial of service via a flood of LDAP requests.