|
|
CVE Reference: CVE-2007-3193 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-3193 |
|
|
Description: lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, might allow remote attackers to bypass authentication via an empty password, which causes ldap_bind to return true when used with certain LDAP implementations. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/34819 SAID Secunia Advisory: SA25595 Secunia Advisory: SA26784 Secunia Advisory: SA26880 MISC http://sourceforge.net/tracker/index.php?func=detail&aid=1732882&group_id=6121&atid=106121 GENTOO http://security.gentoo.org/glsa/glsa-200709-10.xml DEBIAN http://www.debian.org/security/2007/dsa-1371 CONFIRM http://sourceforge.net/project/shownotes.php?release_id=514820 |
|
| Return to the previous page. |
