Vulnerability Details CVE-2011-0002
libuser before 0.57 uses a cleartext password value of (1) !! or (2) x for new LDAP user accounts, which makes it easier for remote attackers to obtain access by specifying one of these values.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.5%
CVSS Severity
CVSS v2 Score 6.4
References
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053365.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053378.html
- http://secunia.com/advisories/42891
- http://secunia.com/advisories/42966
- http://secunia.com/advisories/43047
- http://securitytracker.com/id?1024960
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:019
- http://www.osvdb.org/70421
- http://www.redhat.com/support/errata/RHSA-2011-0170.html
- http://www.securityfocus.com/bid/45791
- http://www.vupen.com/english/advisories/2011/0184
- http://www.vupen.com/english/advisories/2011/0201
- http://www.vupen.com/english/advisories/2011/0226
- https://bugzilla.redhat.com/show_bug.cgi?id=643227
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64677
- https://fedorahosted.org/libuser/browser/NEWS?rev=libuser-0.57
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053365.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053378.html
- http://secunia.com/advisories/42891
- http://secunia.com/advisories/42966
- http://secunia.com/advisories/43047
- http://securitytracker.com/id?1024960
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:019
- http://www.osvdb.org/70421
- http://www.redhat.com/support/errata/RHSA-2011-0170.html
- http://www.securityfocus.com/bid/45791
- http://www.vupen.com/english/advisories/2011/0184
- http://www.vupen.com/english/advisories/2011/0201
- http://www.vupen.com/english/advisories/2011/0226
- https://bugzilla.redhat.com/show_bug.cgi?id=643227
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64677
- https://fedorahosted.org/libuser/browser/NEWS?rev=libuser-0.57
Products affected by CVE-2011-0002
-
cpe:2.3:a:miloslav_trmac:libuser:*
-
cpe:2.3:a:miloslav_trmac:libuser:0.1
-
cpe:2.3:a:miloslav_trmac:libuser:0.10
-
cpe:2.3:a:miloslav_trmac:libuser:0.11
-
cpe:2.3:a:miloslav_trmac:libuser:0.16.1
-
cpe:2.3:a:miloslav_trmac:libuser:0.18
-
cpe:2.3:a:miloslav_trmac:libuser:0.2
-
cpe:2.3:a:miloslav_trmac:libuser:0.20
-
cpe:2.3:a:miloslav_trmac:libuser:0.21
-
cpe:2.3:a:miloslav_trmac:libuser:0.23
-
cpe:2.3:a:miloslav_trmac:libuser:0.24-3
-
cpe:2.3:a:miloslav_trmac:libuser:0.24-4
-
cpe:2.3:a:miloslav_trmac:libuser:0.25
-
cpe:2.3:a:miloslav_trmac:libuser:0.25.1
-
cpe:2.3:a:miloslav_trmac:libuser:0.26
-
cpe:2.3:a:miloslav_trmac:libuser:0.27
-
cpe:2.3:a:miloslav_trmac:libuser:0.28
-
cpe:2.3:a:miloslav_trmac:libuser:0.29
-
cpe:2.3:a:miloslav_trmac:libuser:0.3
-
cpe:2.3:a:miloslav_trmac:libuser:0.30
-
cpe:2.3:a:miloslav_trmac:libuser:0.31
-
cpe:2.3:a:miloslav_trmac:libuser:0.32
-
cpe:2.3:a:miloslav_trmac:libuser:0.4
-
cpe:2.3:a:miloslav_trmac:libuser:0.49.100
-
cpe:2.3:a:miloslav_trmac:libuser:0.49.101-1
-
cpe:2.3:a:miloslav_trmac:libuser:0.49.101-2
-
cpe:2.3:a:miloslav_trmac:libuser:0.49.102
-
cpe:2.3:a:miloslav_trmac:libuser:0.49.90
-
cpe:2.3:a:miloslav_trmac:libuser:0.49.91
-
cpe:2.3:a:miloslav_trmac:libuser:0.49.92
-
cpe:2.3:a:miloslav_trmac:libuser:0.49.93
-
cpe:2.3:a:miloslav_trmac:libuser:0.49.95
-
cpe:2.3:a:miloslav_trmac:libuser:0.49.96
-
cpe:2.3:a:miloslav_trmac:libuser:0.49.97
-
cpe:2.3:a:miloslav_trmac:libuser:0.49.98
-
cpe:2.3:a:miloslav_trmac:libuser:0.49.99
-
cpe:2.3:a:miloslav_trmac:libuser:0.5
-
cpe:2.3:a:miloslav_trmac:libuser:0.50
-
cpe:2.3:a:miloslav_trmac:libuser:0.50.2
-
cpe:2.3:a:miloslav_trmac:libuser:0.51
-
cpe:2.3:a:miloslav_trmac:libuser:0.51.1-1
-
cpe:2.3:a:miloslav_trmac:libuser:0.51.1-2
-
cpe:2.3:a:miloslav_trmac:libuser:0.51.10
-
cpe:2.3:a:miloslav_trmac:libuser:0.51.11
-
cpe:2.3:a:miloslav_trmac:libuser:0.51.12
-
cpe:2.3:a:miloslav_trmac:libuser:0.51.2
-
cpe:2.3:a:miloslav_trmac:libuser:0.51.4
-
cpe:2.3:a:miloslav_trmac:libuser:0.51.5
-
cpe:2.3:a:miloslav_trmac:libuser:0.51.6
-
cpe:2.3:a:miloslav_trmac:libuser:0.51.7
-
cpe:2.3:a:miloslav_trmac:libuser:0.51.7-3
-
cpe:2.3:a:miloslav_trmac:libuser:0.51.7-7
-
cpe:2.3:a:miloslav_trmac:libuser:0.51.8
-
cpe:2.3:a:miloslav_trmac:libuser:0.51.9
-
cpe:2.3:a:miloslav_trmac:libuser:0.52
-
cpe:2.3:a:miloslav_trmac:libuser:0.52.1
-
cpe:2.3:a:miloslav_trmac:libuser:0.52.2
-
cpe:2.3:a:miloslav_trmac:libuser:0.52.3
-
cpe:2.3:a:miloslav_trmac:libuser:0.52.4
-
cpe:2.3:a:miloslav_trmac:libuser:0.52.5
-
cpe:2.3:a:miloslav_trmac:libuser:0.52.6
-
cpe:2.3:a:miloslav_trmac:libuser:0.53
-
cpe:2.3:a:miloslav_trmac:libuser:0.53.1
-
cpe:2.3:a:miloslav_trmac:libuser:0.53.2
-
cpe:2.3:a:miloslav_trmac:libuser:0.53.3
-
cpe:2.3:a:miloslav_trmac:libuser:0.53.4
-
cpe:2.3:a:miloslav_trmac:libuser:0.53.5
-
cpe:2.3:a:miloslav_trmac:libuser:0.53.6
-
cpe:2.3:a:miloslav_trmac:libuser:0.53.7
-
cpe:2.3:a:miloslav_trmac:libuser:0.53.8
-
cpe:2.3:a:miloslav_trmac:libuser:0.54
-
cpe:2.3:a:miloslav_trmac:libuser:0.54.1
-
cpe:2.3:a:miloslav_trmac:libuser:0.54.2
-
cpe:2.3:a:miloslav_trmac:libuser:0.54.3
-
cpe:2.3:a:miloslav_trmac:libuser:0.54.4
-
cpe:2.3:a:miloslav_trmac:libuser:0.54.5
-
cpe:2.3:a:miloslav_trmac:libuser:0.54.6
-
cpe:2.3:a:miloslav_trmac:libuser:0.54.7
-
cpe:2.3:a:miloslav_trmac:libuser:0.54.8
-
cpe:2.3:a:miloslav_trmac:libuser:0.55
-
cpe:2.3:a:miloslav_trmac:libuser:0.56
-
cpe:2.3:a:miloslav_trmac:libuser:0.56.1
-
cpe:2.3:a:miloslav_trmac:libuser:0.56.10
-
cpe:2.3:a:miloslav_trmac:libuser:0.56.11
-
cpe:2.3:a:miloslav_trmac:libuser:0.56.12
-
cpe:2.3:a:miloslav_trmac:libuser:0.56.13
-
cpe:2.3:a:miloslav_trmac:libuser:0.56.14
-
cpe:2.3:a:miloslav_trmac:libuser:0.56.15
-
cpe:2.3:a:miloslav_trmac:libuser:0.56.16
-
cpe:2.3:a:miloslav_trmac:libuser:0.56.17
-
cpe:2.3:a:miloslav_trmac:libuser:0.56.2
-
cpe:2.3:a:miloslav_trmac:libuser:0.56.3
-
cpe:2.3:a:miloslav_trmac:libuser:0.56.4
-
cpe:2.3:a:miloslav_trmac:libuser:0.56.5
-
cpe:2.3:a:miloslav_trmac:libuser:0.56.6
-
cpe:2.3:a:miloslav_trmac:libuser:0.56.7
-
cpe:2.3:a:miloslav_trmac:libuser:0.56.8
-
cpe:2.3:a:miloslav_trmac:libuser:0.56.9
-
cpe:2.3:a:miloslav_trmac:libuser:0.6
-
cpe:2.3:a:miloslav_trmac:libuser:0.7
-
cpe:2.3:a:miloslav_trmac:libuser:0.8
-
cpe:2.3:a:miloslav_trmac:libuser:0.8.1
-
cpe:2.3:a:miloslav_trmac:libuser:0.8.2
-
cpe:2.3:a:miloslav_trmac:libuser:0.9