VRDA Feed : Provides information for vulnerability impact analysis

VRDA Feed by

Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis

[ about VRDA Feed | JPCERT/CC ]

Vulnerability Analysis Result (Revision No : 1)

[ Download XML ]

CVE-2010-1596

support_incident_tracker: Support Incident Tracker before 3.51, when using LD...

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1596

Original

Support Incident Tracker before 3.51, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password.

Translation (Show)

About This Analysis Information

Analysis Information Provider:

NIST NVD

First Published:

2010-04-28

Source Information Category:

Advisory, Alert

Last Updated:

2010-04-29

Affected Product Tags

cpe:/a:sitracker:support_incident_tracker:3.21

cpe:/a:sitracker:support_incident_tracker:3.22

cpe:/a:sitracker:support_incident_tracker:3.22pl1

cpe:/a:sitracker:support_incident_tracker:3.23

cpe:/a:sitracker:support_incident_tracker:3.24

cpe:/a:sitracker:support_incident_tracker:3.24:beta-2

cpe:/a:sitracker:support_incident_tracker:3.30

cpe:/a:sitracker:support_incident_tracker:3.30:beta2

cpe:/a:sitracker:support_incident_tracker:3.31

cpe:/a:sitracker:support_incident_tracker:3.32

cpe:/a:sitracker:support_incident_tracker:3.33

cpe:/a:sitracker:support_incident_tracker:3.35

cpe:/a:sitracker:support_incident_tracker:3.35:beta1

cpe:/a:sitracker:support_incident_tracker:3.36

cpe:/a:sitracker:support_incident_tracker:3.40

cpe:/a:sitracker:support_incident_tracker:3.40:beta1

cpe:/a:sitracker:support_incident_tracker:3.41

cpe:/a:sitracker:support_incident_tracker:3.45

cpe:/a:sitracker:support_incident_tracker:3.45:beta1

cpe:/a:sitracker:support_incident_tracker:3.50 and previous versions

cpe:/a:sitracker:support_incident_tracker:3.50:beta1

Vulnerability Analysis Results

[Access Vector] ^[?]

Undefined^[?]

Local^[?]

Adjacent Network^[?]

Network^[?]

[Access Complexit] ^[?]

Undefined^[?]

High^[?]

Medium^[?]

Low^[?]

[Authentication] ^[?]

Undefined^[?]

Multiple^[?]

Single^[?]

None^[?]

[Confidentiality Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Integrity Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Availability Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

Alternatives

References

BID 37949

CONFIRM http://sitracker.org/wiki/ReleaseNotes351

CONFIRM http://sitracker.org/forum/viewtopic.php?f=4&t=1416979&p=2292

CONFIRM http://bugs.sitracker.org/view.php?id=1047

OSVDB 61945

SECUNIA 38329

Vulnerability Type Authentication Issues (CWE-287)

XF supportincident-ldap-security-bypass(55871)