Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-1024HistoryMar 20, 2011 - 2:00 a.m.
CVE-2011-1024
2011-03-2002:00:00
Debian Security Bug Tracker
security-tracker.debian.org
9
4.6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
73.7%
chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | openldap | < 2.4.25-1 | openldap_2.4.25-1_all.deb |
| Debian | 11 | all | openldap | < 2.4.25-1 | openldap_2.4.25-1_all.deb |
| Debian | 10 | all | openldap | < 2.4.25-1 | openldap_2.4.25-1_all.deb |
| Debian | 999 | all | openldap | < 2.4.25-1 | openldap_2.4.25-1_all.deb |
| Debian | 13 | all | openldap | < 2.4.25-1 | openldap_2.4.25-1_all.deb |
Related
openvas
openvas
CentOS Update for compat-openldap CESA-2011:0346 centos5 x86_64
2012-07-30 00:00:00
Oracle: Security Advisory (ELSA-2011-0346)
2015-10-06 00:00:00
CentOS Update for compat-openldap CESA-2011:0346 centos5 i386
2011-08-09 00:00:00
oraclelinux
oraclelinux
openldap security and bug fix update
2011-03-10 00:00:00
openldap security update
2011-03-10 00:00:00
prion
prion
Authentication flaw
2011-03-20 02:00:00
redhat
redhat
(RHSA-2011:0346) Moderate: openldap security and bug fix update
2011-03-10 00:00:00
(RHSA-2011:0347) Moderate: openldap security update
2011-03-10 00:00:00
(RHSA-2011:0439) Moderate: rhev-hypervisor security and bug fix update
2011-04-13 00:00:00
cve
cve
CVE-2011-1024
2011-03-20 02:00:00
centos
centos
compat, openldap security update
2011-04-14 23:48:17
veracode
veracode
Authentication Bypass
2020-04-10 00:59:40
ubuntucve
ubuntucve
CVE-2011-1024
2011-03-19 00:00:00
nessus
nessus
Scientific Linux Security Update : openldap on SL5.x i386/x86_64
2012-08-01 00:00:00
openSUSE Security Update : openldap2 (openSUSE-SU-2011:0356-1)
2011-05-05 00:00:00
openSUSE Security Update : openldap2 (openSUSE-SU-2011:0359-1)
2014-06-13 00:00:00
securityvulns
securityvulns
OpenLDAP vulnerabilities
2011-03-31 00:00:00
[ MDVSA-2011:055 ] openldap
2011-03-31 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: openldap-2.4.24-2.fc15
2011-04-21 05:33:29
[SECURITY] Fedora 14 Update: openldap-2.4.23-10.fc14
2011-09-25 03:47:40
ubuntu
ubuntu
OpenLDAP vulnerabilities
2011-03-31 00:00:00
gentoo
gentoo
OpenLDAP: Multiple vulnerabilities
2014-06-30 00:00:00
4.6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
73.7%
Related for DEBIANCVE:CVE-2011-1024