CVE-2007-6714 - CVE Reference - Advisories

CVE Reference: CVE-2007-6714

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-6714

Description: DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such as Active Directory, allows remote attackers to bypass authentication via an empty password, which causes the LDAP bind to indicate success based on anonymous authentication.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/41907 ST 1019914 SAID Secunia Advisory: SA29903 Secunia Advisory: SA29937 Secunia Advisory: SA29984 MLIST http://www.mail-archive.com/dbmail-dev@dbmail.org/msg09942.html GENTOO http://www.gentoo.org/security/en/glsa/glsa-200804-24.xml FEDORA CONFIRM http://dbmail.org/index.php?page=news&id=44 BID 28849

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Microsoft Windows DNS Spoofing Vulnerabilities

2.	Microsoft Access Snapshot Viewer ActiveX Control Vulnerability

3.	Microsoft Word Unspecified Code Execution Vulnerability

4.	Microsoft SQL Server and MSDE Multiple Vulnerabilities

5.	Microsoft Windows Explorer Saved Search Vulnerability

6.	ISC BIND Query Port DNS Cache Poisoning

7.	Cisco Products DNS Cache Poisoning Vulnerability

8.	Joomla Unauthorized Access Vulnerabilities

9.	Microsoft Outlook Web Access Script Insertion Vulnerabilities

10.	Dokeos "include" Local File Inclusion Vulnerability