Project

General

Profile

Bug #233

authentication always succeeds with empty password

Added by Matt Jones about 19 years ago. Updated about 18 years ago.

Status:
Resolved
Priority:
Immediate
Assignee:
Jivka Bojilova
Category:
metacat
Target version:
Start date:
05/08/2001
Due date:
% Done:

0%

Estimated time:
Bugzilla-Id:
233

Description

If logging into metacat, providing an empty string for a password always results
in successful authentication. This is a bug and security hole.

History

#1 Updated by Jivka Bojilova about 19 years ago

Fixed from Metacat
Ldap server seems to always allow access with empty password strings

#2 Updated by Jivka Bojilova about 19 years ago

FIXED

#3 Updated by Redmine Admin about 7 years ago

Original Bugzilla ID was 233

Also available in: Atom PDF