47 matches found
DLA-79-1 dokuwiki - security update
Bulletin has no description...
CVE-2014-8764
DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a user name and password starting with a null \0 character, which triggers an anonymous bind...
CVE-2014-8764
DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a user name and password starting with a null \0 character, which triggers an anonymous bind...
CVE-2014-8764
DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a user name and password starting with a null \0 character, which triggers an anonymous bind...
CVE-2014-8764
DokuWiki (pre-2014-05-05a/b) is vulnerable to LDAP/Active Directory authentication bypass via a leading null byte in credentials. CVE-2014-8764 (anonymous bind) and related CVEs (e.g., CVE-2014-8763/8762/8761) are fixed in subsequent updates across distros (Debian DSA-3059, DLA-79-1; Mageia/MGASA...
CVE-2014-8764
DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a user name and password starting with a null \0 character, which triggers an anonymous bind...
CVE-2014-8764
DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a user name and password starting with a null \0 character, which triggers an anonymous bind...