The SASL authentication functionality in 389 Directory Server before 1.2.11.26 allows remote authenticated users to connect as an arbitrary user and gain privileges via the authzid parameter in a SASL/GSSAPI bind.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
389_directory_server | Fedoraproject | 1.2.11.9 | 1.2.11.9 |
389_directory_server | Fedoraproject | 1.2.11.23 | 1.2.11.23 |
389_directory_server | Fedoraproject | 1.2.11.8 | 1.2.11.8 |
389_directory_server | Fedoraproject | 1.2.11.13 | 1.2.11.13 |
389_directory_server | Fedoraproject | * | 1.2.11.25 |
389_directory_server | Fedoraproject | 1.2.11.22 | 1.2.11.22 |
389_directory_server | Fedoraproject | 1.2.11.21 | 1.2.11.21 |
389_directory_server | Fedoraproject | 1.2.11.20 | 1.2.11.20 |
389_directory_server | Fedoraproject | 1.2.11.17 | 1.2.11.17 |
389_directory_server | Fedoraproject | 1.2.11.19 | 1.2.11.19 |
389_directory_server | Fedoraproject | 1.2.11.12 | 1.2.11.12 |
389_directory_server | Fedoraproject | 1.2.11.6 | 1.2.11.6 |
389_directory_server | Fedoraproject | 1.2.11.10 | 1.2.11.10 |
389_directory_server | Fedoraproject | 1.2.11.11 | 1.2.11.11 |
389_directory_server | Fedoraproject | 1.2.11.1 | 1.2.11.1 |
389_directory_server | Fedoraproject | 1.2.11.5 | 1.2.11.5 |
389_directory_server | Fedoraproject | 1.2.11.14 | 1.2.11.14 |
389_directory_server | Fedoraproject | 1.2.11.15 | 1.2.11.15 |