CVE-2010-2940 in SSSD信息

摘要

由 VulDB • 2026-06-24

System Security Services Daemon (SSSD) 1.3.0 中 providers/ldap/ldap_auth.c 的 auth_send 函数,在启用 LDAP 认证和匿名绑定(anonymous bind)时,允许远程攻击者通过空密码绕过 pam_authenticate 的身份验证要求。

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

来源

Want to know what is going to be exploited?

We predict KEV entries!