[Date Prev][Date Next] [Chronological] [Thread] [Top]

password question

To: openldap-software@OpenLDAP.org
Subject: password question
From: Ezsra McDonald <ezsra_mcdonald@yahoo.com>
Date: Thu, 17 Jun 2004 07:21:16 -0700 (PDT)

Greetings,

I discovered today that my ldap authentication is
allowing people to login wiht the wrong password.

Say my password id "green". When prompted by my web
broser or mail client for a password I can enter
"greenfrog" and still get access. The password "green"
is not equal to "greenfrog" is it? I don't think so.
It only seems to work as long as the password is
prefixed with my valid password. So, "greenwhatever"
is accepted.

Anyone know why it works this way?

Server details:
openldap-servers-2.0.27-11
Red Hat Enterprise Linux ES release 3

--Ezsra


		
__________________________________
Do you Yahoo!?
Yahoo! Mail - You care about security. So do we.
http://promotions.yahoo.com/new_mail

Follow-Ups:
- Re: password question
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: Turning off clear text - how 2 get tls only communications?
Next by Date: Re: password question
Index(es):
- Chronological
- Thread