CVE-2005-2654

EPSS 0.77%

phpldapadmin - programming error

Published: 8/30/2005Modified: 4/28/2026

Description

phpldapadmin before 0.9.6c allows remote attackers to gain anonymous access to the LDAP server, even when disable_anon_bind is set, via an HTTP request to login.php with the anonymous_bind parameter set.

Affected packages (2)

Debian/phpldapadminfrom 0, < 0.9.6c-5
Debian/phpldapadminfrom 0, < 0.9.5-3sarge2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-2654