← volver
CVE-2017-9277

existing connection is being used even though eDirectory LDAP server is upgraded to EBA

CVSS 4.2 MEDIUMEPSS 1.4%
The LDAP backend in Novell eDirectory before 9.0 SP4 when switched to EBA (Enhanced Background Authentication) kept open connections without EBA.
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Productos afectados
Novell · eDirectory

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugzilla.suse.com/show_bug.cgi?id=1005473https://www.netiq.com/documentation/edirectory-9/edirectory904_releasenotes/data/edirectory904_releasenotes.htmlhttps://www.novell.com/support/kb/doc.php?id=7016794