Great, thank you guys!
On Fri, Jun 12, 2015 at 6:26 PM, Misagh Moayyed mmoay...@unicon.net wrote:
CAS Community,
CAS versions 3.6.0 and 4.0.2 [1] [2] have been released and should shortly
make their way into Maven central repositories, if not already. We
encourage you to integrate these
in a public mail list, if its not good
then just quit.
On Fri, Jan 23, 2015 at 12:24 AM, Paul B. Henson hen...@csupomona.edu
wrote:
From: J. Tozo
Sent: Thursday, January 22, 2015 1:06 PM
Its can be considered a minor weakness because it makes easier to
successfully
You know what you
:
From: J. Tozo
Sent: Friday, January 23, 2015 10:28 AM
I was not aware of the issue wasn't present in the fast bind ldap
authentication
because I discovered it in my own deployment, a year ago.
[...]
I thought reasonable to write a small report about it, the
way i see it could hit my
could exploit this vulnerability using brute-force techniques to
gain access to a user's account.
On Fri, Jan 23, 2015 at 9:18 PM, Paul B. Henson hen...@csupomona.edu
wrote:
From: J. Tozo
Sent: Friday, January 23, 2015 1:52 PM
So you saying if I bruteforce a CAS server with a common
Hi,
Its can be considered a minor weakness because it makes easier to
successfully perpetrate a bruteforce attack. Using common passwords and
guessing the username using the wildcards.
A valid username and a password is required to you simulate if you system
have or not this vulnerability.
...@gmail.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
Grato,
J. Tozo
_
°v°
/(S)\SLACKWARE
^ ^ Linux
_
because it works
--
You are currently subscribed to cas-user