CVE-2013-2157 Information

Description

OpenStack Keystone Folsom Grizzly before 2013.1.3 and Havana when using LDAP with Anonymous binding allows remote attackers to bypass authentication via an empty password.

Reference

http://rhn.redhat.com/errata/RHSA-2013-0994.html http://rhn.redhat.com/errata/RHSA-2013-1083.html http://www.openwall.com/lists/oss-security/2013/06/13/3 http://www.securityfocus.com/bid/60545