CVE-2003-1434 Information

Description

login_ldap 3.1 and 3.2 allows remote attackers to initiate unauthenticated bind requests if (1) bind_anon_dn is on which allows a bind with no password provided (2) bind_anon_cred is on which allows a bind with no DN or (3) bind_anon is on which allows a bind with no DN or password.

Reference

http://archives.neohapsis.com/archives/bugtraq/2003-02/0244.html http://www.securityfocus.com/bid/6903 https://exchange.xforce.ibmcloud.com/vulnerabilities/11374