CVE-2013-6796 Information

Description

The SMTP server in DeepOfix 3.3 and earlier allows remote attackers to bypass authentication via an empty password which triggers an LDAP anonymous bind.

Reference

http://packetstormsecurity.com/files/124054 http://www.exploit-db.com/exploits/29706 http://www.osvdb.org/100007 http://www.securityfocus.com/bid/63793 https://exchange.xforce.ibmcloud.com/vulnerabilities/89077