Lucene search
+L

4 matches found

NVD
NVD
added 2015/02/10 8:59 p.m.19 views

CVE-2015-1169

Apereo Central Authentication Service CAS Server before 3.5.3 allows remote attackers to conduct LDAP injection attacks via a crafted username, as demonstrated by using a wildcard and a valid password to bypass LDAP authentication...

7.5CVSS7.1AI score0.02843EPSS
Exploits3References5
CVE
CVE
added 2015/02/10 8:0 p.m.100 views

CVE-2015-1169

The CVE-2015-1169 entry relates to Apereo CAS Server prior to 3.5.3, where LDAP injection is possible through a crafted username, demonstrated by using wildcards to bypass LDAP authentication. A remote attacker could potentially authenticate without valid credentials by exploiting a wildcard user...

7.5CVSS7.3AI score0.02843EPSS
Exploits3References5Affected Software1
Packet Storm
Packet Storm
added 2015/01/22 12:0 a.m.66 views

CAS Server 3.5.2 LDAP Authentication Bypass

=====Alligator Security Team - Security Advisory======== CVE-2015-1169 - CAS Server 3.5.2 allows remote attackers to bypass LDAP authentication via crafted wildcards. Reporter: José Tozo =====Table of Contents================================== 1. Background 2. Detailed description 3. Other contex...

7.5CVSS0.5AI score0.02843EPSS
Exploits3
0day.today
0day.today
added 2015/01/22 12:0 a.m.84 views

CAS Server 3.5.2 LDAP Authentication Bypass Vulnerability

CAS Server version 3.5.2 allows remote attackers to bypass LDAP authentication via crafted wildcards. CVE-2015-1169 - CAS Server 3.5.2 allows remote attackers to bypass LDAP authentication via crafted wildcards. Reporter: José Tozo =====Table of Contents================================== 1...

7.5CVSS6.8AI score0.02843EPSS
Exploits3
Rows per page
Query Builder