Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The user_ldap (aka LDAP user and group backend) application in ownCloud before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 allows remote attackers to bypass authentication via a null byte in the password and a valid user name, which triggers an unauthenticated bind.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OwnCloud user_ldap应用程序权限许可和访问控制漏洞
Vulnerability Description
OwnCloud是德国OwnCloud公司的一套免费且开源的个人云存储解决方案,它提供文件管理、音乐存储、日历等功能。user_ldap(又名LDAP user and group backend)是其中的一个LDAP用户和组后端应用程序。 OwnCloud的user_ldap应用程序中存在安全漏洞。远程攻击者可借助密码和有效用户名中的空字节利用该漏洞绕过身份验证。以下版本受到影响:OwnCloud 5.0.18之前版本,6.0.6之前6.x版本,7.0.3之前7.x版本。
CVSS Information
N/A
Vulnerability Type
N/A