6.4

CVE-2011-0002

Exploit
libuser before 0.57 uses a cleartext password value of (1) !! or (2) x for new LDAP user accounts, which makes it easier for remote attackers to obtain access by specifying one of these values.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Miloslav TrmacLibuser Version <= 0.56.18
Miloslav TrmacLibuser Version0.1
Miloslav TrmacLibuser Version0.2
Miloslav TrmacLibuser Version0.3
Miloslav TrmacLibuser Version0.4
Miloslav TrmacLibuser Version0.5
Miloslav TrmacLibuser Version0.6
Miloslav TrmacLibuser Version0.7
Miloslav TrmacLibuser Version0.8
Miloslav TrmacLibuser Version0.8.1
Miloslav TrmacLibuser Version0.8.2
Miloslav TrmacLibuser Version0.9
Miloslav TrmacLibuser Version0.10
Miloslav TrmacLibuser Version0.11
Miloslav TrmacLibuser Version0.16.1
Miloslav TrmacLibuser Version0.18
Miloslav TrmacLibuser Version0.20
Miloslav TrmacLibuser Version0.21
Miloslav TrmacLibuser Version0.23
Miloslav TrmacLibuser Version0.24-3
Miloslav TrmacLibuser Version0.24-4
Miloslav TrmacLibuser Version0.25
Miloslav TrmacLibuser Version0.25.1
Miloslav TrmacLibuser Version0.26
Miloslav TrmacLibuser Version0.27
Miloslav TrmacLibuser Version0.28
Miloslav TrmacLibuser Version0.29
Miloslav TrmacLibuser Version0.30
Miloslav TrmacLibuser Version0.31
Miloslav TrmacLibuser Version0.32
Miloslav TrmacLibuser Version0.49.90
Miloslav TrmacLibuser Version0.49.91
Miloslav TrmacLibuser Version0.49.92
Miloslav TrmacLibuser Version0.49.93
Miloslav TrmacLibuser Version0.49.95
Miloslav TrmacLibuser Version0.49.96
Miloslav TrmacLibuser Version0.49.97
Miloslav TrmacLibuser Version0.49.98
Miloslav TrmacLibuser Version0.49.99
Miloslav TrmacLibuser Version0.49.100
Miloslav TrmacLibuser Version0.49.101-1
Miloslav TrmacLibuser Version0.49.101-2
Miloslav TrmacLibuser Version0.49.102
Miloslav TrmacLibuser Version0.50
Miloslav TrmacLibuser Version0.50.2
Miloslav TrmacLibuser Version0.51
Miloslav TrmacLibuser Version0.51.1-1
Miloslav TrmacLibuser Version0.51.1-2
Miloslav TrmacLibuser Version0.51.2
Miloslav TrmacLibuser Version0.51.4
Miloslav TrmacLibuser Version0.51.5
Miloslav TrmacLibuser Version0.51.6
Miloslav TrmacLibuser Version0.51.7
Miloslav TrmacLibuser Version0.51.7-3
Miloslav TrmacLibuser Version0.51.7-7
Miloslav TrmacLibuser Version0.51.8
Miloslav TrmacLibuser Version0.51.9
Miloslav TrmacLibuser Version0.51.10
Miloslav TrmacLibuser Version0.51.11
Miloslav TrmacLibuser Version0.51.12
Miloslav TrmacLibuser Version0.52
Miloslav TrmacLibuser Version0.52.1
Miloslav TrmacLibuser Version0.52.2
Miloslav TrmacLibuser Version0.52.3
Miloslav TrmacLibuser Version0.52.4
Miloslav TrmacLibuser Version0.52.5
Miloslav TrmacLibuser Version0.52.6
Miloslav TrmacLibuser Version0.53
Miloslav TrmacLibuser Version0.53.1
Miloslav TrmacLibuser Version0.53.2
Miloslav TrmacLibuser Version0.53.3
Miloslav TrmacLibuser Version0.53.4
Miloslav TrmacLibuser Version0.53.5
Miloslav TrmacLibuser Version0.53.6
Miloslav TrmacLibuser Version0.53.7
Miloslav TrmacLibuser Version0.53.8
Miloslav TrmacLibuser Version0.54
Miloslav TrmacLibuser Version0.54.1
Miloslav TrmacLibuser Version0.54.2
Miloslav TrmacLibuser Version0.54.3
Miloslav TrmacLibuser Version0.54.4
Miloslav TrmacLibuser Version0.54.5
Miloslav TrmacLibuser Version0.54.6
Miloslav TrmacLibuser Version0.54.7
Miloslav TrmacLibuser Version0.54.8
Miloslav TrmacLibuser Version0.55
Miloslav TrmacLibuser Version0.56
Miloslav TrmacLibuser Version0.56.1
Miloslav TrmacLibuser Version0.56.2
Miloslav TrmacLibuser Version0.56.3
Miloslav TrmacLibuser Version0.56.4
Miloslav TrmacLibuser Version0.56.5
Miloslav TrmacLibuser Version0.56.6
Miloslav TrmacLibuser Version0.56.7
Miloslav TrmacLibuser Version0.56.8
Miloslav TrmacLibuser Version0.56.9
Miloslav TrmacLibuser Version0.56.10
Miloslav TrmacLibuser Version0.56.11
Miloslav TrmacLibuser Version0.56.12
Miloslav TrmacLibuser Version0.56.13
Miloslav TrmacLibuser Version0.56.14
Miloslav TrmacLibuser Version0.56.15
Miloslav TrmacLibuser Version0.56.16
Miloslav TrmacLibuser Version0.56.17
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.79% 0.886
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.4 10 4.9
AV:N/AC:L/Au:N/C:P/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053365.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053378.html
http://secunia.com/advisories/42891
Vendor Advisory
http://secunia.com/advisories/42966
Vendor Advisory
http://secunia.com/advisories/43047
http://securitytracker.com/id?1024960
http://www.mandriva.com/security/advisories?name=MDVSA-2011:019
http://www.osvdb.org/70421
http://www.redhat.com/support/errata/RHSA-2011-0170.html
http://www.securityfocus.com/bid/45791
http://www.vupen.com/english/advisories/2011/0184
Vendor Advisory
http://www.vupen.com/english/advisories/2011/0201
http://www.vupen.com/english/advisories/2011/0226
https://bugzilla.redhat.com/show_bug.cgi?id=643227
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/64677
https://fedorahosted.org/libuser/browser/NEWS?rev=libuser-0.57