Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0150

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-0150
Last Modified 05 Sep 2008 05:34:20
Published 08 Jan 2008 07:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0150

Summary

Unspecified vulnerability in the LDAP authentication feature in Aruba Mobility Controller 2.3.6.15, 2.5.2.11, 2.5.4.25, 2.5.5.7, 3.1.1.3, and 2.4.8.11-FIPS or earlier allows remote attackers to bypass authentication mechanisms and obtain management or VPN interface access.

Vulnerable Systems

Application

  • Aruba Networks Aruba Mobility Controllers 2.3.6.15

  • Aruba Networks Aruba Mobility Controllers 2.4.8.11-fips

  • Aruba Networks Aruba Mobility Controllers 2.5.2.11

  • Aruba Networks Aruba Mobility Controllers 2.5.4.25

  • Aruba Networks Aruba Mobility Controllers 2.5.5.7

  • Aruba Networks Aruba Mobility Controllers 3.1.1.3


References

BID - 27144

BUGTRAQ - 20080104 Aruba Mobility Controller User Authentication Vulnerability - Aruba Advisory ID: AID-122207

CONFIRM - http://www.arubanetworks.com/support/alerts/aid-122207.asc

SECUNIA - 28357

SREASON - 3529


Last Updated: 27 May 2016 10:46:41