CVE-2014-8764 (retired)

Priority
Description
DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP
authentication, allows remote attackers to bypass authentication via a user
name and password starting with a null (\0) character, which triggers an
anonymous bind.
Notes
Package
Upstream:released (0.0.20140929.a-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was needed)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (0.0.20140929.d-1ubuntu1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected
Ubuntu 19.04 (Disco Dingo):not-affected
Ubuntu 19.10 (Eoan):not-affected
More Information

Updated: 2019-10-09 07:51:23 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)