Vulnerability Details CVE-2013-6796
The SMTP server in DeepOfix 3.3 and earlier allows remote attackers to bypass authentication via an empty password, which triggers an LDAP anonymous bind.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.147
EPSS Ranking 94.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://packetstormsecurity.com/files/124054
- http://www.exploit-db.com/exploits/29706
- http://www.osvdb.org/100007
- http://www.securityfocus.com/bid/63793
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89077
- http://packetstormsecurity.com/files/124054
- http://www.exploit-db.com/exploits/29706
- http://www.osvdb.org/100007
- http://www.securityfocus.com/bid/63793
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89077
Products affected by CVE-2013-6796
-
cpe:2.3:a:deeproot_linux:deepofix:*