6.9 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
79.5%
The authenticate function in LDAPUserFolder/LDAPUserFolder.py in zope-ldapuserfolder 2.9-1 does not verify the password for the emergency account, which allows remote attackers to gain privileges.
bugs.debian.org/cgi-bin/bugreport.cgi?bug=593466
secunia.com/advisories/41022
www.openwall.com/lists/oss-security/2010/08/18/3
www.openwall.com/lists/oss-security/2010/08/19/7