Candidate: CVE-2010-2940
PublicDate: 2010-08-30 20:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2940
Description:
 The auth_send function in providers/ldap/ldap_auth.c in System Security
 Services Daemon (SSSD) 1.3.0, when LDAP authentication and anonymous bind
 are enabled, allows remote attackers to bypass the authentication
 requirements of pam_authenticate via an empty password.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_sssd:
upstream_sssd: released (1.2.1-4)
dapper_sssd: DNE
hardy_sssd: DNE
jaunty_sssd: DNE
karmic_sssd: ignored (reached end-of-life)
lucid_sssd: ignored (reached end-of-life)
maverick_sssd: not-affected (1.2.1-4)
natty_sssd: not-affected (1.2.1-4)
oneiric_sssd: not-affected (1.2.1-4)
precise_sssd: not-affected (1.2.1-4)
quantal_sssd: not-affected (1.2.1-4)
raring_sssd: not-affected (1.2.1-4)
saucy_sssd: not-affected (1.2.1-4)
devel_sssd: not-affected (1.2.1-4)