Project

General

Profile

Actions

Bug #233

closed

authentication always succeeds with empty password

Added by Matt Jones over 23 years ago. Updated over 22 years ago.

Status:
Resolved
Priority:
Immediate
Assignee:
Jivka Bojilova
Category:
metacat
Target version:
Start date:
05/08/2001
Due date:
% Done:

0%

Estimated time:
Bugzilla-Id:
233

Description

If logging into metacat, providing an empty string for a password always results
in successful authentication. This is a bug and security hole.

Actions #1

Updated by Jivka Bojilova over 23 years ago

Fixed from Metacat
Ldap server seems to always allow access with empty password strings

Actions #2

Updated by Jivka Bojilova over 23 years ago

FIXED

Actions #3

Updated by Redmine Admin over 11 years ago

Original Bugzilla ID was 233

Actions

Also available in: Atom PDF