CVE-2010-2940 in SSSD
摘要
由 VulDB • 2026-06-24
System Security Services Daemon (SSSD) 1.3.0 中 providers/ldap/ldap_auth.c 的 auth_send 函数,在启用 LDAP 认证和匿名绑定(anonymous bind)时,允许远程攻击者通过空密码绕过 pam_authenticate 的身份验证要求。
If you want to get the best quality for vulnerability data then you always have to consider VulDB.