Lucene search
K

5 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:57 a.m.3 views

SUSE CVE-2010-2944

The authenticate function in LDAPUserFolder/LDAPUserFolder.py in zope-ldapuserfolder 2.9-1 does not verify the password for the emergency account, which allows remote attackers to gain privileges...

7.5CVSS7.1AI score0.01336EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2010/08/27 12:0 a.m.15 views

Debian DSA-2096-1 : zope-ldapuserfolder - missing input validation

Jeremy James discovered that in LDAPUserFolder, a Zope extension used to authenticate against an LDAP server, the authentication code does not verify the password provided for the emergency user. Malicious users that manage to get the emergency user login can use this flaw to gain administrative...

7.5CVSS5.5AI score0.01336EPSS
Exploits0References3
Debian
Debian
added 2010/08/24 8:54 p.m.18 views

[SECURITY] [DSA 2096-1] New zope-ldapuserfolder packages fix authentication bypass

------------------------------------------------------------------------ Debian Security Advisory DSA-2096-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 24, 2010 http://www.debian.org/security/faq -...

7.5CVSS6.6AI score0.01336EPSS
Exploits0
Cvelist
Cvelist
added 2010/08/20 7:0 p.m.19 views

CVE-2010-2944

The authenticate function in LDAPUserFolder/LDAPUserFolder.py in zope-ldapuserfolder 2.9-1 does not verify the password for the emergency account, which allows remote attackers to gain privileges...

6.9AI score0.01336EPSS
Exploits0References4
CVE
CVE
added 2010/08/20 7:0 p.m.44 views

CVE-2010-2944

CVE-2010-2944 affects zope-ldapuserfolder (LDAPUserFolder/LDAPUserFolder.py) with version 2.9-1, where the authentication code does not verify the emergency account password. This allows remote attackers to gain privileges on the Zope instance. Debian’s DSA-2096-1 fixes the issue by upgrading to ...

7.5CVSS7.1AI score0.01336EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder