4 matches found
CVE-2021-35472
CVE-2021-35472 affects LemonLDAP::NG prior to 2.0.12. The issue is a session cache corruption vulnerability that can lead to authorization bypass or spoofing. By issuing a loop of many authentication attempts, an attacker might end up authenticated as one of two different users, enabling potentia...
[SECURITY] [DSA 4943-1] lemonldap-ng security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4943-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 23, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4943-1] lemonldap-ng security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4943-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 23, 2021 https://www.debian.org/security/faq -...
Debian DSA-4943-1 : lemonldap-ng - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dsa-4943 advisory. Several vulnerabilities were discovered in lemonldap-ng, a Web-SSO system. The flaws could result in information disclosure, authentication bypass, or could allow an...