CVE-2006-5660

Cisco Security Agent Management Center CSAMC 5.1 before 5.1.0.79 does not properly handle certain LDAP error messages, which allows remote attackers to bypass authentication requirements via an empty password when using an external LDAP server...

CVE-2006-5660

Cisco Security Agent Management Center CSAMC 5.1 before 5.1.0.79 does not properly handle certain LDAP error messages, which allows remote attackers to bypass authentication requirements via an empty password when using an external LDAP server...

CVE-2006-5660

Cisco Security Agent Management Center (CSAMC) 5.1 before 5.1.0.79 is vulnerable to authentication bypass when configured to use an external LDAP server. A remote attacker who knows a valid administrator username can supply a blank password and gain administrative access to CSAMC with administrat...

Cisco Security Advisory: Cisco Security Agent Management Center LDAP Administrator Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Security Agent Management Center LDAP Administrator Authentication Bypass Advisory ID: cisco-sa-20061101-csamc http://www.cisco.com/warp/public/707/cisco-sa-20061101-csamc.shtml Revision 1.0 For Public Release 2006...

Cisco安全代理管理中心认证绕过漏洞

Cisco安全代理（CSA）可以为服务器和桌面计算系统提供威胁防护。安全代理管理中心（CSAMC）是用于管理CSA的控制台。 CSA在处理LDAP认证时存在漏洞，远程攻击者可能利用此漏洞非授权获取管理权限。 如果配置CSAMC使用LDAP进行认证的话，攻击者就可以提供有效的管理员用户名和空（0字节长度）口令，以该管理员角色的权限获得CSAMC应用的管理访问。当CSAMC错误的处理了来自LDAP服务器的认证失败消息时就会触发这个漏洞。...