CVE-2011-1025 in OpenLDAPinfo

Summary

bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Distinguished Name (DN), which allows remote attackers to bypass intended access restrictions via an arbitrary password.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

02/14/2011

Disclosure

03/19/2011

Moderation

VulDB entry created

Entries

1: VDB-56885

CPE

ready

CWE

CWE-287 (Confirmed)

CVSS

7.3

EPSS

0.07280

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-1025
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-1025
CVE Details	https://www.cvedetails.com/cve/CVE-2011-1025/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!