Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 18 Aug 2010 13:51:38 +0000 (UTC)
From: S├ębastien Delafond <seb@...ian.org>
To: oss-security@...ts.openwall.com
Subject: CVE request: zope-ldapuser

Hi,

there is an authentication probleme in zope-ldapuser, where any password
is accepted when attempting to log in as the emergency user (as defined
in zpasswd.py). See Debian bug 593466[0] for the corresponding patch.

Cheers,

--Seb

[0] http://bugs.debian.org/593466

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ