pam_ldap -- authentication bypass vulnerability

ID 38C76FCF-1744-11DA-978E-0001020EED82
Type freebsd
Reporter FreeBSD
Modified 2005-08-22T00:00:00


Luke Howard reports:

If a pam_ldap client authenticates against an LDAP server that returns a passwordPolicyResponse control, but omits the optional "error" field of the PasswordPolicyResponseValue, then the LDAP authentication result will be ignored and the authentication step will always succeed.
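
The failure mode in the report above, as an added example that is not part of the advisory and is not pam_ldap's source: a simplified C model in which a control lacking the optional "error" field overrides a failed bind, next to a checked version. The function names, constants and sample bytes are hypothetical or constructed for illustration; the field tags assume the password policy draft's ASN.1 (warning [0], error [1]).

```c
#include <stdint.h>
#include <stdio.h>
enum { BIND_OK = 0, BIND_INVALID_CREDENTIALS = 49, AUTH_DENIED = 1, PP_ERROR_ABSENT = -1 };

/* Constructed control value: warning only, optional "error" field omitted. */
static const uint8_t CTRL_NO_ERROR[] = { 0x30, 0x05, 0xA0, 0x03, 0x81, 0x01, 0x02 };

/* Parse SEQUENCE { warning [0] OPTIONAL, error [1] OPTIONAL }; short-form lengths only. */
int parse_ppolicy(const uint8_t *b, size_t n, int *error)
{
    *error = PP_ERROR_ABSENT;
    if (n < 2 || b[0] != 0x30 || b[1] >= 0x80 || (size_t)b[1] != n - 2)
        return -1;
    for (size_t i = 2; i < n; i += 2 + (size_t)b[i + 1]) {
        if (n - i < 2 || b[i + 1] >= 0x80 || (size_t)b[i + 1] > n - i - 2)
            return -1;
        if (b[i] == 0x81 && b[i + 1] == 1)  /* error [1] ENUMERATED */
            *error = b[i + 2];
        else if (b[i] != 0xA0)              /* only warning [0] may remain */
            return -1;
    }
    return 0;
}

/* Flawed pattern: a parsed control alone decides, so bind_rc is ignored. */
int auth_flawed(int bind_rc, const uint8_t *ctrl, size_t n)
{
    int err;
    if (ctrl == NULL || parse_ppolicy(ctrl, n, &err) != 0)
        return bind_rc;
    return err == PP_ERROR_ABSENT ? BIND_OK : AUTH_DENIED;
}

/* Checked pattern: the bind result is authoritative; a control can only deny. */
int auth_checked(int bind_rc, const uint8_t *ctrl, size_t n)
{
    int err;
    if (bind_rc != BIND_OK)
        return bind_rc;
    if (ctrl != NULL && (parse_ppolicy(ctrl, n, &err) != 0 || err != PP_ERROR_ABSENT))
        return AUTH_DENIED;
    return BIND_OK;
}

int main(void)
{
    printf("flawed=%d checked=%d\n", auth_flawed(49, CTRL_NO_ERROR, sizeof CTRL_NO_ERROR),
           auth_checked(49, CTRL_NO_ERROR, sizeof CTRL_NO_ERROR));
    return 0;
}
```

The checked version treats any policy error or malformed control as a denial, which is deliberately conservative for this model.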