The SASL authentication functionality in 389 Directory Server prior to 1.2.11.26 allows remote authenticated users to connect as an arbitrary user and gain privileges via the authzid parameter in a SASL/GSSAPI bind.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
fedoraproject 389 directory server 1.2.11.9 |
||
fedoraproject 389 directory server 1.2.11.23 |
||
fedoraproject 389 directory server 1.2.11.8 |
||
fedoraproject 389 directory server 1.2.11.13 |
||
fedoraproject 389 directory server |
||
fedoraproject 389 directory server 1.2.11.22 |
||
fedoraproject 389 directory server 1.2.11.21 |
||
fedoraproject 389 directory server 1.2.11.20 |
||
fedoraproject 389 directory server 1.2.11.17 |
||
fedoraproject 389 directory server 1.2.11.19 |
||
fedoraproject 389 directory server 1.2.11.12 |
||
fedoraproject 389 directory server 1.2.11.6 |
||
fedoraproject 389 directory server 1.2.11.10 |
||
fedoraproject 389 directory server 1.2.11.11 |
||
fedoraproject 389 directory server 1.2.11.1 |
||
fedoraproject 389 directory server 1.2.11.5 |
||
fedoraproject 389 directory server 1.2.11.14 |
||
fedoraproject 389 directory server 1.2.11.15 |
Vulmon