Apache · Apache Auth Ldap · CVE-2006-0150
Name of the Vulnerable Software and Affected Versions:
Apache auth_ldap versions 1.6.0 and earlier
auth_ldap version 1.4.8
Description:
The issue concerns multiple format string vulnerabilities in the `auth_ldap_log_reason` function. This allows remote attackers to execute arbitrary code via various vectors, including the `username`. The vulnerability can lead to a breach of confidentiality, integrity, and availability of protected information and can be exploited remotely.
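The double-formatting pattern behind this class of bug, next to its fix, as an added example (not code from auth_ldap or from this advisory). The function names, the log sink and the username are hypothetical, and it assumes the flaw has the usual shape in which an already formatted message is reused as a format string; the page does not show the module's source.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

static char last_log[512];            /* stand-in for the server error log */

/* Hypothetical printf-style log sink (not the real server API). */
void log_sink(const char *fmt, ...) {
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(last_log, sizeof last_log, fmt, ap);
    va_end(ap);
}

/* Vulnerable shape: the finished message is passed on as the FORMAT, so a
 * '%' directive that arrived inside the username is interpreted a second
 * time against arguments that do not exist. Shown for contrast, not called. */
void log_reason_vulnerable(const char *fmt, ...) {
    char buf[256];
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(buf, sizeof buf, fmt, ap);
    va_end(ap);
    log_sink(buf);                    /* BUG: untrusted data used as format */
}

/* Hardened shape: the finished message is only ever a "%s" argument. */
const char *log_reason_fixed(const char *fmt, ...) {
    char buf[256];
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(buf, sizeof buf, fmt, ap);
    va_end(ap);
    log_sink("%s", buf);              /* constant format string */
    return last_log;
}

int main(void) {
    /* Constructed sample username containing format directives. */
    const char *user = "bob%x%s";
    puts(log_reason_fixed("user %s: authentication failed", user));
    return 0;
}
```

Compilers can flag the vulnerable call when the sink is declared with a printf format attribute and `-Wformat -Wformat-security` is enabled.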
Recommendations:
For Apache auth_ldap versions 1.6.0 and earlier, update to a version later than 1.6.0 to resolve the issue.
For auth_ldap version 1.4.8, at the moment, there is no information about a newer version that contains a fix for this vulnerability.