Package: phpwiki Tags: security Severity: important | lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the | configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, might allow | remote attackers to bypass authentication via an empty password, which | causes ldap_bind to return true when used with certain LDAP | implementations.
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3193> Please mention the name CVE-2007-3193 in the changelog when fixing this bug. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
