oss-sec mailing list archives

CVE request: zope-ldapuser

From: Sébastien Delafond <seb () debian org>
Date: Wed, 18 Aug 2010 13:51:38 +0000 (UTC)

Hi,

there is an authentication probleme in zope-ldapuser, where any password
is accepted when attempting to log in as the emergency user (as defined
in zpasswd.py). See Debian bug 593466[0] for the corresponding patch.

Cheers,

--Seb

[0] http://bugs.debian.org/593466

Current thread:

CVE request: zope-ldapuser Sébastien Delafond (Aug 18)
- Re: CVE request: zope-ldapuser Josh Bressers (Aug 19)