Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2011-1024

Опубликовано: 20 мар. 2011
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.6

Описание

chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server.

РелизСтатусПримечание
dapper

DNE

devel

released

2.4.23-6ubuntu6
hardy

DNE

karmic

released

2.4.18-0ubuntu1.2
lucid

released

2.4.21-0ubuntu5.4
maverick

released

2.4.23-0ubuntu3.5
upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

not-affected

code not present
devel

DNE

hardy

DNE

karmic

DNE

lucid

DNE

maverick

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

released

2.4.9-0ubuntu0.8.04.5
karmic

DNE

lucid

DNE

maverick

DNE

upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 48%
0.00247
Низкий

4.6 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2011-1024

redhat
почти 15 лет назад

chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server.

nvd логотип

CVE-2011-1024

nvd
больше 14 лет назад

chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server.

debian логотип

CVE-2011-1024

debian
больше 14 лет назад

chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-sl ...

github логотип

GHSA-v9w5-g35w-fmjv

github
около 3 лет назад

chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server.

oracle-oval логотип

ELSA-2011-0346

oracle-oval
больше 14 лет назад

ELSA-2011-0346: openldap security and bug fix update (MODERATE)

EPSS

Процентиль: 48%
0.00247
Низкий

4.6 Medium

CVSS2