CVE Reference: CVE-2014-0132

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2014-0132

Description:
The SASL authentication functionality in 389 Directory Server before 1.2.11.26 allows remote authenticated users to connect as an arbitrary user and gain privileges via the authzid parameter in a SASL/GSSAPI bind.

CVE Status:
Candidate

References:

SAID
  Secunia Advisory: SA57412
  Secunia Advisory: SA57427

REDHAT
  http://rhn.redhat.com/errata/RHSA-2014-0292.html

CONFIRM


Return to the previous page.