libuser before 0.57 uses a cleartext password value of (1) !! or (2) x for new LDAP user accounts, which makes it easier for remote attackers to obtain access by specifying one of these values.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | libuser | <Â 1:0.56.9.dfsg.1-1.1 | libuser_1:0.56.9.dfsg.1-1.1_all.deb |
Debian | 11 | all | libuser | <Â 1:0.56.9.dfsg.1-1.1 | libuser_1:0.56.9.dfsg.1-1.1_all.deb |
Debian | 10 | all | libuser | <Â 1:0.56.9.dfsg.1-1.1 | libuser_1:0.56.9.dfsg.1-1.1_all.deb |
Debian | 999 | all | libuser | <Â 1:0.56.9.dfsg.1-1.1 | libuser_1:0.56.9.dfsg.1-1.1_all.deb |
Debian | 13 | all | libuser | <Â 1:0.56.9.dfsg.1-1.1 | libuser_1:0.56.9.dfsg.1-1.1_all.deb |