Vulnerabilities

CVE-2010-2940

by Fred · 30/08/2010

The auth_send function in providers/ldap/ldap_auth.c in System Security Services Daemon (SSSD) 1.3.0, when LDAP authentication and anonymous bind are enabled, allows remote attackers to bypass the authentication requirements of pam_authenticate via an empty password.

Date published : 2010-08-30

https://bugzilla.redhat.com/show_bug.cgi?id=625189

http://secunia.com/advisories/41159

Related

Tags: Cybersecurity Alert