SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP CAS Server LDAP authentication bypass attempt
This event is generated when an attempt to bypass the LDAP authentication of a CAS server has been detected Impact: High Details: Apereo Central Authentication Service (CAS) Server before 3.5.3 allows remote attackers to conduct LDAP injection attacks via a crafted username, as demonstrated by using a wildcard and a valid password to bypass LDAP authentication. Ease of Attack: Simple
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2015-1169 |
Loading description
|