CVE-2012-6426

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2012-6426

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2012-6426.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2012-6426

Downstream

DEBIAN-CVE-2012-6426

UBUNTU-CVE-2012-6426

Published

2013-01-01T15:55:02Z

Modified

2026-04-10T03:42:34.080561Z

Summary

[none]

Details

LemonLDAP::NG before 1.2.3 does not use the signature-verification capability of the Lasso library, which allows remote attackers to bypass intended access-control restrictions via crafted SAML data.

References

http://jira.ow2.org/browse/LEMONLDAP-570
http://openwall.com/lists/oss-security/2012/12/19/6
http://openwall.com/lists/oss-security/2012/12/20/6

CVE-2012-6426

Affected packages