CVE-2011-1024
EPSS 0.25%發布日:2011/3/20修改日:2026/4/28
也稱為:DEBIAN-CVE-2011-1024
描述
chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server.
受影響套件(1)
- Debian/openldapfrom 0, < 2.4.25-1