← voltar
CVE-2017-9277

existing connection is being used even though eDirectory LDAP server is upgraded to EBA

CVSS 4.2 MEDIUMEPSS 1.4%
The LDAP backend in Novell eDirectory before 9.0 SP4 when switched to EBA (Enhanced Background Authentication) kept open connections without EBA.
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Produtos afetados
Novell · eDirectory

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://bugzilla.suse.com/show_bug.cgi?id=1005473https://www.netiq.com/documentation/edirectory-9/edirectory904_releasenotes/data/edirectory904_releasenotes.htmlhttps://www.novell.com/support/kb/doc.php?id=7016794