VDB
GCVE-110-MAGEIA-2017-340
GCVE-110-MAGEIA-2017-340
Advisory Published
The directory server password lockout policy prevents binds from
operating once a threshold of failed passwords has been met. During this
lockout, if you bind with a successful password, a different error code
is returned. This means that an attacker has no ratelimit or penalty
during an account lock, and can continue to attempt passwords via
bruteforce, using the change in return code to ascertain a sucessful
password auth (CVE-2017-7551).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | 389-ds-base | 0 (affected), 1.3.4.14-1.3.mga5 (unaffected) | — |
| Mageia | 389-ds-base | 0 (affected), 1.3.5.17-1.1.mga6 (unaffected) | — |
Browse GCVE Records
72,580 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.