exploits , vulnerabilities , articles , OpenLDAP Ambiguous Password Attribute Weakness

Title	OpenLDAP Ambiguous Password Attribute Weakness
Published	2004-09-07-12:00AM
Updated	2004-09-07-11:38PM
Class	Design Error
CVE	CAN-2004-0823
Remote	Yes
Local	No
Credit	Steve Revilak of Kayak Software Corporation disclosed this weakness.
Vulnerable	OpenLDAP OpenLDAP 2.1.19 OpenLDAP OpenLDAP 2.1.18 OpenLDAP OpenLDAP 2.1.17 OpenLDAP OpenLDAP 2.1.16 Conectiva Linux 9.0 OpenLDAP OpenLDAP 2.1.15 OpenLDAP OpenLDAP 2.1.14 OpenLDAP OpenLDAP 2.1.13 OpenLDAP OpenLDAP 2.1.12 S.u.S.E. Linux Personal 8.2 OpenLDAP OpenLDAP 2.1.11 OpenLDAP OpenLDAP 2.1.10 OpenLDAP OpenLDAP 2.1.4 Conectiva Linux Enterprise Edition 1.0 OpenLDAP OpenLDAP 2.1 .20 OpenLDAP OpenLDAP 2.0.27 OpenLDAP OpenLDAP 2.0.25 Conectiva Linux 8.0 Gentoo Linux 1.2 Gentoo Linux 1.4 _rc1 MandrakeSoft Linux Mandrake 9.0 RedHat Linux 8.0 RedHat Linux 8.0 i386 OpenLDAP OpenLDAP 2.0.23 Debian Linux 3.0 Debian Linux 3.0 alpha Debian Linux 3.0 arm Debian Linux 3.0 hppa Debian Linux 3.0 ia32 Debian Linux 3.0 ia64 Debian Linux 3.0 m68k Debian Linux 3.0 mips Debian Linux 3.0 mipsel Debian Linux 3.0 ppc Debian Linux 3.0 s/390 Debian Linux 3.0 sparc RedHat Linux 7.3 RedHat Linux 7.3 i386 S.u.S.E. Linux 8.0 OpenLDAP OpenLDAP 2.0.22 OpenLDAP OpenLDAP 2.0.21 Conectiva Linux 6.0 Conectiva Linux 7.0 MandrakeSoft Linux Mandrake 8.2 MandrakeSoft Linux Mandrake 8.2 ppc OpenLDAP OpenLDAP 2.0.20 OpenLDAP OpenLDAP 2.0.19 Conectiva Linux 6.0 Conectiva Linux 7.0 OpenLDAP OpenLDAP 2.0.18 Conectiva Linux 6.0 Conectiva Linux 7.0 OpenLDAP OpenLDAP 2.0.17 Conectiva Linux 6.0 Conectiva Linux 7.0 OpenLDAP OpenLDAP 2.0.16 OpenLDAP OpenLDAP 2.0.15 Conectiva Linux 6.0 Conectiva Linux 7.0 OpenLDAP OpenLDAP 2.0.14 MandrakeSoft Linux Mandrake 8.1 MandrakeSoft Linux Mandrake 8.1 ia64 OpenLDAP OpenLDAP 2.0.13 OpenLDAP OpenLDAP 2.0.12 S.u.S.E. Linux 7.3 S.u.S.E. Linux 7.3 ppc S.u.S.E. Linux 7.3 sparc OpenLDAP OpenLDAP 2.0.11 9 Caldera OpenLinux Server 3.1.1 Caldera OpenLinux Workstation 3.1.1 OpenLDAP OpenLDAP 2.0.11 11S Caldera OpenLinux eBuilder 3.0 SCO eServer 2.3.1 OpenLDAP OpenLDAP 2.0.11 11 Caldera OpenLinux 3.1 IA64 Caldera OpenLinux Server 3.1 Caldera OpenLinux Server 3.1.1 Caldera OpenLinux Workstation 3.1 Caldera OpenLinux Workstation 3.1.1 OpenLDAP OpenLDAP 2.0.11 Caldera OpenLinux Server 3.1.1 Caldera OpenLinux Workstation 3.1.1 Conectiva Linux 6.0 Conectiva Linux 7.0 HP Secure OS software for Linux 1.0 RedHat Linux 7.2 RedHat Linux 7.2 alpha RedHat Linux 7.2 i386 RedHat Linux 7.2 ia64 S.u.S.E. Linux 7.1 S.u.S.E. Linux 7.1 alpha S.u.S.E. Linux 7.1 ppc S.u.S.E. Linux 7.1 sparc S.u.S.E. Linux 7.2 OpenLDAP OpenLDAP 2.0.10 OpenLDAP OpenLDAP 2.0.9 OpenLDAP OpenLDAP 2.0.8 OpenLDAP OpenLDAP 2.0.7 Caldera OpenLinux 3.1 IA64 Caldera OpenLinux eBuilder 3.0 Caldera OpenLinux Server 3.1 Caldera OpenLinux Workstation 3.1 HP Secure OS software for Linux 1.0 MandrakeSoft Linux Mandrake 8.0 MandrakeSoft Linux Mandrake 8.0 ppc RedHat Linux 7.1 RedHat Linux 7.1 alpha RedHat Linux 7.1 i386 RedHat Linux 7.1 ia64 SCO eServer 2.3.1 OpenLDAP OpenLDAP 2.0.6 OpenLDAP OpenLDAP 2.0.5 OpenLDAP OpenLDAP 2.0.4 OpenLDAP OpenLDAP 2.0.3 OpenLDAP OpenLDAP 2.0.2 OpenLDAP OpenLDAP 2.0.1 OpenLDAP OpenLDAP 2.0 OpenLDAP OpenLDAP 1.2.13 Trustix Secure Linux 1.1 Trustix Secure Linux 1.2 Trustix Secure Linux 1.5 OpenLDAP OpenLDAP 1.2.12 OpenLDAP OpenLDAP 1.2.11 Debian Linux 2.2 Debian Linux 2.2 68k Debian Linux 2.2 alpha Debian Linux 2.2 arm Debian Linux 2.2 powerpc Debian Linux 2.2 sparc RedHat Linux 7.0 RedHat Linux 7.0 i386 OpenLDAP OpenLDAP 1.2.10 OpenLDAP OpenLDAP 1.2.9 RedHat Linux 6.2 RedHat Linux 6.2 i386 OpenLDAP OpenLDAP 1.2.8 OpenLDAP OpenLDAP 1.2.7 OpenLDAP OpenLDAP 1.2.6 OpenLDAP OpenLDAP 1.2.5 OpenLDAP OpenLDAP 1.2.4 OpenLDAP OpenLDAP 1.2.3 OpenLDAP OpenLDAP 1.2.2 OpenLDAP OpenLDAP 1.2.1 OpenLDAP OpenLDAP 1.2 OpenLDAP OpenLDAP 1.1.4 OpenLDAP OpenLDAP 1.1.3 OpenLDAP OpenLDAP 1.1.2 OpenLDAP OpenLDAP 1.1.1 OpenLDAP OpenLDAP 1.1 OpenLDAP OpenLDAP 1.0.3 OpenLDAP OpenLDAP 1.0.2 OpenLDAP OpenLDAP 1.0.1 OpenLDAP OpenLDAP 1.0 Apple Mac OS X Server 10.3.5 Apple Mac OS X Server 10.3.4 Apple Mac OS X Server 10.2.8 Apple Mac OS X 10.3.5 Apple Mac OS X 10.3.4 Apple Mac OS X 10.2.8
Not Vulnerable
Code	An exploit is not required.
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-09 Adobe Flash Player and AIR Data Injection Remote Code Execution Vulnerability
2009-12-09 Adobe Flash Player ActiveX Control Information Disclosure Vulnerability
2009-12-09 Adobe Flash Player and AIR Multiple Unspecified Remote Code Execution Vulnerabilities
2009-12-09 HP OpenView Network Node Manager Multiple Remote Code Execution Vulnerabilities
2009-12-09 Shibboleth Redirection URL HTML Injection Vulnerability
2009-12-09 VLC Media Player RTSP Remote Buffer Overflow Vulnerability
2009-12-09 Polipo Malformed HTTP GET Request Memory Corruption Vulnerability
2009-12-09 PhpShop Cross-Site Scripting and SQL Injection Vulnerabilities
2009-12-09 GNU GRUB Local Authentication Bypass Vulnerability
2009-12-09 NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability