漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
N/A
漏洞信息
Fedora Commons before 2.2.1 does not properly handle certain authentication requests involving Java Naming and Directory Interface (JNDI), related to (1) a nonexistent account name in combination with an empty password, which allows remote attackers to trigger a certain "unexpected / strange response" from an LDAP server, and (2) a reauthentication attempt that throws an exception, which allows remote attackers to trigger use of a cached authentication decision. NOTE: authentication can be bypassed by using vector 1 followed by vector 2, and possibly can be bypassed by using a single vector.
漏洞信息
N/A
漏洞
N/A
漏洞
Fedora Commons空LDAP口令绕过认证漏洞
漏洞信息
Fedora Commons是开源的电子库服务,可提供各种类型的信息管理系统。 Fedora Commons在处理用户认证时存在漏洞,远程攻击者可能利用此漏洞获取非授权访问。 Fedora Commons没有正确地处理某些Java命名和目录接口(JNDI)认证请求,远程攻击者可以使用不存在的帐号名和空口令认证导致LDAP服务器出现非预期的响应,绕过认证获得非授权访问。
漏洞信息
N/A
漏洞
N/A