8 matches found
Mageia: Security Advisory (MGASA-2015-0181)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandriva Linux Security Advisory : cherokee (MDVSA-2015:225)
Updated cherokee packages fix security vulnerability : The cherokeevalidatorldapcheck function in validatorldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-bind semantics, which allows remote attackers to bypass authentication via an empty...
MGASA-2015-0181 Updated cherokee packages fix CVE-2014-4668
Updated cherokee packages fix security vulnerability: The cherokeevalidatorldapcheck function in validatorldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-bind semantics, which allows remote attackers to bypass authentication via an empty...
Fedora 21 : cherokee-1.2.103-6.fc21 (2015-6392)
Resolves bz 1114461 - CVE-2014-4668 cherokee: authentication bypass when LDAP server allows unauthenticated binds Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it...
Fedora 20 : cherokee-1.2.103-6.fc20 (2015-6279)
Resolves bz 1114461 - CVE-2014-4668 cherokee: authentication bypass when LDAP server allows unauthenticated binds Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it...
Fedora 22 : cherokee-1.2.103-6.fc22 (2015-6194)
Resolves bz 1114461 - CVE-2014-4668 cherokee: authentication bypass when LDAP server allows unauthenticated binds Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it...
CVE-2014-4668
The cherokeevalidatorldapcheck function in validatorldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-bind semantics, which allows remote attackers to bypass authentication via an empty password...
CVE-2014-4668
CVE-2014-4668 affects Cherokee 1.2.103 and earlier when using LDAP: the cherokee_validator_ldap_check function does not properly handle unauthenticated-bind semantics, allowing authentication bypass via an empty password. Connected advisories confirm that updates were released across multiple dis...