|Created:||March 21, 2014||Updated:||March 26, 2014|
|Description:||From the Red Hat bugzilla entry:
It was found that empty passwords could bypass authentication. From the original advisory:
"The ActiveDirectoryLdapAuthenticator does not check the password length. If the directory allows anonymous binds then it may incorrectly authenticate a user who supplies an empty password."
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds