bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Distinguished Name (DN), which allows remote attackers to bypass intended access restrictions via an arbitrary password.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2011-03-20T01:00:00
Updated: 2024-08-06T22:14:27.305Z
Reserved: 2011-02-14T00:00:00
Link: CVE-2011-1025
Vulnrichment
No data.
NVD
Status : Modified
Published: 2011-03-20T02:00:03.767
Modified: 2024-11-21T01:25:21.343
Link: CVE-2011-1025
Redhat