Azure Linux 3.0 Security Update: vitess (CVE-2017-14623)

The version of vitess installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-14623 advisory. - In the ldap.v2 aka go-ldap package through 2.5.0 for Go, an attacker May be able to login with an empty...

PT-2017-4226 · Go · Ldap.V2

Name of the Vulnerable Software and Affected Versions: ldap.v2 aka go-ldap versions through 2.5.0 Description: The issue is related to the authentication procedure in the ldap.v2 package for Go. An attacker may be able to login with an empty password if the application relies solely on the return...