The SMTP server in DeepOfix 3.3 and earlier allows remote attackers to bypass authentication via an empty password, which triggers an LDAP anonymous bind.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Deepofix |
Deeproot_linux |
* |
3.3 (including) |
References