CVE-2014-9043

2015-02-04T13:59:03
ID CVE-2014-9043
Type cve
Reporter NVD
Modified 2015-02-05T10:21:12

Description

The user_ldap (aka LDAP user and group backend) application in ownCloud before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 allows remote attackers to bypass authentication via a null byte in the password and a valid user name, which triggers an unauthenticated bind.