CVE-2013-6796

EUVD-2013-6598
The SMTP server in DeepOfix 3.3 and earlier allows remote attackers to bypass authentication via an empty password, which triggers an LDAP anonymous bind.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 94%
Affected Products (NVD)
VendorProductVersion
deeproot_linuxdeepofix
𝑥
≤ 3.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/124054
http://www.exploit-db.com/exploits/29706
http://www.osvdb.org/100007
http://www.securityfocus.com/bid/63793
https://exchange.xforce.ibmcloud.com/vulnerabilities/89077
http://packetstormsecurity.com/files/124054
http://www.exploit-db.com/exploits/29706
http://www.osvdb.org/100007
http://www.securityfocus.com/bid/63793
https://exchange.xforce.ibmcloud.com/vulnerabilities/89077