Support Incident Tracker 3.22pl1 and prior [Medium]

By on Wednesday, April 28th, 2010 in Security Notifications | Related Software Packages:

Affects:

  • Support Incident Tracker 3.22pl1 and prior [Medium]

Description

Support Incident Tracker before 3.51, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password.

If you have questions about this security warning or need to have it translated and you have an active technical support contract, please call 1-888-OPENLOGIC or email us at support@openlogic.com.

CVE Identifier: CVE-2010-1596
Severity: Medium

National Vulnerabilities Database

NIST National Vulnerabilities Database

Related posts:

  1. Using Apache as a File Server with DAV and LDAP
  2. System Slows Using Red Hat-Bundled Perl
  3. Effortless File Sharing Across Platforms with FreeNAS
  4. Shh! OpenSSH Secrets Here
  5. Three Top Open Source Bug Tracking Apps

Related Open-Source Packages

Support_incident_tracker: See all Support_incident_tracker Articles » Get Support_incident_tracker Support at OLEX »

Security Team

We'll keep you safe. Trust us, that's our job. Even though, contrary to what our Avatar might imply, we're not all linebackers. In fact, some of us are quite petite. And others of us wear high heeled boots. Red. Wondering whether we also know what we're talking about? C'mon -have you read any of these security posts?

Comments are closed.

© 2012 OpenLogic, Inc. | Licensing | Privacy Policy | Terms of Use

Bad Behavior has blocked 2289 access attempts in the last 7 days.