Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In the ldap.v2 (aka go-ldap) package through 2.5.0 for Go, an attacker may be able to login with an empty password. This issue affects an application using this package if these conditions are met: (1) it relies only on the return error of the Bind function call to determine whether a user is authorized (i.e., a nil return value is interpreted as successful authorization) and (2) it is used with an LDAP server allowing unauthenticated bind.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
go-ldap ldap 信任管理问题漏洞
Vulnerability Description
go-ldap ldap是一个基于GO语言的LDAP服务器。 go-ldap ldap 2.5.0及之前的版本中存在安全漏洞。远程攻击者借助空密码利用该漏洞登录服务器。
CVSS Information
N/A
Vulnerability Type
N/A