CVE-2010-1596 Information

Description

Support Incident Tracker before 3.51 when using LDAP authentication with anonymous binds allows remote attackers to bypass authentication via an empty password.

Reference

http://bugs.sitracker.org/view.php?id=1047 http://osvdb.org/61945 http://secunia.com/advisories/38329 http://sitracker.org/forum/viewtopic.php?f=4&t=1416979&p=2292 http://sitracker.org/wiki/ReleaseNotes351 http://www.securityfocus.com/bid/37949 https://exchange.xforce.ibmcloud.com/vulnerabilities/55871