exploits , vulnerabilities , articles , OpenLDAP Ambiguous Password Attribute Weakness

Title	OpenLDAP Ambiguous Password Attribute Weakness
Published	2004-09-07-12:00AM
Updated	2004-09-07-11:38PM
Class	Design Error
CVE	CAN-2004-0823
Remote	Yes
Local	No
Credit	Steve Revilak of Kayak Software Corporation disclosed this weakness.
Vulnerable	OpenLDAP OpenLDAP 2.1.19 OpenLDAP OpenLDAP 2.1.18 OpenLDAP OpenLDAP 2.1.17 OpenLDAP OpenLDAP 2.1.16 Conectiva Linux 9.0 OpenLDAP OpenLDAP 2.1.15 OpenLDAP OpenLDAP 2.1.14 OpenLDAP OpenLDAP 2.1.13 OpenLDAP OpenLDAP 2.1.12 S.u.S.E. Linux Personal 8.2 OpenLDAP OpenLDAP 2.1.11 OpenLDAP OpenLDAP 2.1.10 OpenLDAP OpenLDAP 2.1.4 Conectiva Linux Enterprise Edition 1.0 OpenLDAP OpenLDAP 2.1 .20 OpenLDAP OpenLDAP 2.0.27 OpenLDAP OpenLDAP 2.0.25 Conectiva Linux 8.0 Gentoo Linux 1.2 Gentoo Linux 1.4 _rc1 MandrakeSoft Linux Mandrake 9.0 RedHat Linux 8.0 RedHat Linux 8.0 i386 OpenLDAP OpenLDAP 2.0.23 Debian Linux 3.0 Debian Linux 3.0 alpha Debian Linux 3.0 arm Debian Linux 3.0 hppa Debian Linux 3.0 ia32 Debian Linux 3.0 ia64 Debian Linux 3.0 m68k Debian Linux 3.0 mips Debian Linux 3.0 mipsel Debian Linux 3.0 ppc Debian Linux 3.0 s/390 Debian Linux 3.0 sparc RedHat Linux 7.3 RedHat Linux 7.3 i386 S.u.S.E. Linux 8.0 OpenLDAP OpenLDAP 2.0.22 OpenLDAP OpenLDAP 2.0.21 Conectiva Linux 6.0 Conectiva Linux 7.0 MandrakeSoft Linux Mandrake 8.2 MandrakeSoft Linux Mandrake 8.2 ppc OpenLDAP OpenLDAP 2.0.20 OpenLDAP OpenLDAP 2.0.19 Conectiva Linux 6.0 Conectiva Linux 7.0 OpenLDAP OpenLDAP 2.0.18 Conectiva Linux 6.0 Conectiva Linux 7.0 OpenLDAP OpenLDAP 2.0.17 Conectiva Linux 6.0 Conectiva Linux 7.0 OpenLDAP OpenLDAP 2.0.16 OpenLDAP OpenLDAP 2.0.15 Conectiva Linux 6.0 Conectiva Linux 7.0 OpenLDAP OpenLDAP 2.0.14 MandrakeSoft Linux Mandrake 8.1 MandrakeSoft Linux Mandrake 8.1 ia64 OpenLDAP OpenLDAP 2.0.13 OpenLDAP OpenLDAP 2.0.12 S.u.S.E. Linux 7.3 S.u.S.E. Linux 7.3 ppc S.u.S.E. Linux 7.3 sparc OpenLDAP OpenLDAP 2.0.11 9 Caldera OpenLinux Server 3.1.1 Caldera OpenLinux Workstation 3.1.1 OpenLDAP OpenLDAP 2.0.11 11S Caldera OpenLinux eBuilder 3.0 SCO eServer 2.3.1 OpenLDAP OpenLDAP 2.0.11 11 Caldera OpenLinux 3.1 IA64 Caldera OpenLinux Server 3.1 Caldera OpenLinux Server 3.1.1 Caldera OpenLinux Workstation 3.1 Caldera OpenLinux Workstation 3.1.1 OpenLDAP OpenLDAP 2.0.11 Caldera OpenLinux Server 3.1.1 Caldera OpenLinux Workstation 3.1.1 Conectiva Linux 6.0 Conectiva Linux 7.0 HP Secure OS software for Linux 1.0 RedHat Linux 7.2 RedHat Linux 7.2 alpha RedHat Linux 7.2 i386 RedHat Linux 7.2 ia64 S.u.S.E. Linux 7.1 S.u.S.E. Linux 7.1 alpha S.u.S.E. Linux 7.1 ppc S.u.S.E. Linux 7.1 sparc S.u.S.E. Linux 7.2 OpenLDAP OpenLDAP 2.0.10 OpenLDAP OpenLDAP 2.0.9 OpenLDAP OpenLDAP 2.0.8 OpenLDAP OpenLDAP 2.0.7 Caldera OpenLinux 3.1 IA64 Caldera OpenLinux eBuilder 3.0 Caldera OpenLinux Server 3.1 Caldera OpenLinux Workstation 3.1 HP Secure OS software for Linux 1.0 MandrakeSoft Linux Mandrake 8.0 MandrakeSoft Linux Mandrake 8.0 ppc RedHat Linux 7.1 RedHat Linux 7.1 alpha RedHat Linux 7.1 i386 RedHat Linux 7.1 ia64 SCO eServer 2.3.1 OpenLDAP OpenLDAP 2.0.6 OpenLDAP OpenLDAP 2.0.5 OpenLDAP OpenLDAP 2.0.4 OpenLDAP OpenLDAP 2.0.3 OpenLDAP OpenLDAP 2.0.2 OpenLDAP OpenLDAP 2.0.1 OpenLDAP OpenLDAP 2.0 OpenLDAP OpenLDAP 1.2.13 Trustix Secure Linux 1.1 Trustix Secure Linux 1.2 Trustix Secure Linux 1.5 OpenLDAP OpenLDAP 1.2.12 OpenLDAP OpenLDAP 1.2.11 Debian Linux 2.2 Debian Linux 2.2 68k Debian Linux 2.2 alpha Debian Linux 2.2 arm Debian Linux 2.2 powerpc Debian Linux 2.2 sparc RedHat Linux 7.0 RedHat Linux 7.0 i386 OpenLDAP OpenLDAP 1.2.10 OpenLDAP OpenLDAP 1.2.9 RedHat Linux 6.2 RedHat Linux 6.2 i386 OpenLDAP OpenLDAP 1.2.8 OpenLDAP OpenLDAP 1.2.7 OpenLDAP OpenLDAP 1.2.6 OpenLDAP OpenLDAP 1.2.5 OpenLDAP OpenLDAP 1.2.4 OpenLDAP OpenLDAP 1.2.3 OpenLDAP OpenLDAP 1.2.2 OpenLDAP OpenLDAP 1.2.1 OpenLDAP OpenLDAP 1.2 OpenLDAP OpenLDAP 1.1.4 OpenLDAP OpenLDAP 1.1.3 OpenLDAP OpenLDAP 1.1.2 OpenLDAP OpenLDAP 1.1.1 OpenLDAP OpenLDAP 1.1 OpenLDAP OpenLDAP 1.0.3 OpenLDAP OpenLDAP 1.0.2 OpenLDAP OpenLDAP 1.0.1 OpenLDAP OpenLDAP 1.0 Apple Mac OS X Server 10.3.5 Apple Mac OS X Server 10.3.4 Apple Mac OS X Server 10.2.8 Apple Mac OS X 10.3.5 Apple Mac OS X 10.3.4 Apple Mac OS X 10.2.8
Not Vulnerable
Code	An exploit is not required.
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-12-10 GNU Coreutils Insecure Temporary File Creation Vulnerability
• 2009-12-10 WebKit SVG Animation Elements User After Free Remote Code Execution Vulnerability
• 2009-12-10 Moodle Multiple Vulnerabilities
• 2009-12-10 Linux Kernel KVM Large SMP Instruction Local Denial of Service Vulnerability
• 2009-12-09 Adobe Flash Player and AIR Data Injection Remote Code Execution Vulnerability
• 2009-12-09 Adobe Flash Player ActiveX Control Information Disclosure Vulnerability
• 2009-12-09 Adobe Flash Player and AIR Multiple Unspecified Remote Code Execution Vulnerabilities
• 2009-12-09 HP OpenView Network Node Manager Multiple Remote Code Execution Vulnerabilities
• 2009-12-09 Shibboleth Redirection URL HTML Injection Vulnerability
• 2009-12-09 VLC Media Player RTSP Remote Buffer Overflow Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Fri, 11 Dec 2009 15:45:57 +0000