CVE-2011-1024
20.03.2011, 02:00
chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server.Enginsight
Vendor | Product | Version |
---|---|---|
openldap | openldap | 2.4.6 |
openldap | openldap | 2.4.7 |
openldap | openldap | 2.4.8 |
openldap | openldap | 2.4.9 |
openldap | openldap | 2.4.10 |
openldap | openldap | 2.4.11 |
openldap | openldap | 2.4.12 |
openldap | openldap | 2.4.13 |
openldap | openldap | 2.4.14 |
openldap | openldap | 2.4.15 |
openldap | openldap | 2.4.16 |
openldap | openldap | 2.4.17 |
openldap | openldap | 2.4.18 |
openldap | openldap | 2.4.19 |
openldap | openldap | 2.4.20 |
openldap | openldap | 2.4.21 |
openldap | openldap | 2.4.22 |
openldap | openldap | 2.4.23 |
𝑥
= Vulnerable software versions

Debian Releases

Ubuntu Releases
Ubuntu Product | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
openldap |
| ||||||||||
openldap2.2 |
| ||||||||||
openldap2.3 |
|
Common Weakness Enumeration
References