Sympa Invalid LDAP Password DoS Network Vulnerability

Summary

The remote host seems to be running sympa, an open source mailing list software. This version of Sympa contains a flaw in the processing of LDAP passwords. An attacker, exploiting this flaw, would need network access to the webserver. A successful attack would crash the sympa application and render it useless.

Solution

Update to version 3.4.4.1 or newer

References

http://www.sympa.org/

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

@Mail 'admin.php' Cross-Site Scripting Vulnerabilities
An Image Gallery Directory Traversal Vulnerability
Adobe ColdFusion Multiple Full Path Disclosure Vulnerabilities
Allaire JRun directory browsing vulnerability
An Image Gallery Multiple Cross-Site Scripting Vulnerability

Sympa invalid LDAP password DoS

Take action and discover your vulnerabilities