Microsoft is releasing this security advisory to provide information about a vulnerability in .NET. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A Information Disclosure vulnerability exists in .NET where System.DirectoryServices.Protocols.LdapConnection may send credentials in plain text on Linux.
Any .NET application that uses System.DirectoryServices.Protocols
with a vulnerable version listed below on system based on Linux.
Package name | Vulnerable versions | Secure versions ------------ | ---------------- | ------------------------- System.DirectoryServices.Protocols | 5.0.0 | 5.0.1