CVE-2014-0132

The SASL authentication functionality in 389 Directory Server before 1.2.11.26 allows remote authenticated users to connect as an arbitrary user and gain privileges via the authzid parameter in a SASL/GSSAPI bind...

389 Directory Server SASL/GSSAPI验证绕过漏洞

Bugtraq ID:66235 CVE ID:CVE-2014-0132 389 Directory Server的前身是Fedora Directory Server，是一个企业级的Linux目录服务器。 当指定"authzid"参数时389 Directory Server不正确处理SASL/GSSAPI验证，允许远程攻击者利用漏洞使用其他用户目录。 0 389 Directory Server formerly known as Fedora Directory Server 1.3.1.20 389 Directory Server formerly known as Fedo...

SLES10: Security update for cyrus-sasl

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: cyrus-sasl cyrus-sasl-crammd5 cyrus-sasl-devel cyrus-sasl-digestmd5 cyrus-sasl-gssapi cyrus-sasl-otp cyrus-sasl-plain cyrus-sasl-sqlauxprop More details may...

SLES11: Security update for cyrus-sasl

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: cyrus-sasl cyrus-sasl-crammd5 cyrus-sasl-digestmd5 cyrus-sasl-gssapi cyrus-sasl-otp cyrus-sasl-plain More details may also be found by searching for the SuSE...

SLES9: Security update for cyrus-sasl

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: cyrus-sasl cyrus-sasl-crammd5 cyrus-sasl-devel cyrus-sasl-digestmd5 cyrus-sasl-gssapi cyrus-sasl-otp cyrus-sasl-plain For more information, please visit the...