bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Distinguished Name (DN), which allows remote attackers to bypass intended access restrictions via an arbitrary password.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2011-03-20T01:00:00
Updated: 2017-01-04T17:57:01
Reserved: 2011-02-14T00:00:00
Link: CVE-2011-1025
JSON object: View
NVD Information
Status : Modified
Published: 2011-03-20T02:00:03.767
Modified: 2017-01-07T02:59:03.637
Link: CVE-2011-1025
JSON object: View
Redhat Information
No data.
CWE