CVE-2008-0150

Description

Unspecified vulnerability in the LDAP authentication feature in Aruba Mobility Controller 2.3.6.15, 2.5.2.11, 2.5.4.25, 2.5.5.7, 3.1.1.3, and 2.4.8.11-FIPS or earlier allows remote attackers to bypass authentication mechanisms and obtain management or VPN interface access.

Affected products

• aruba_networks / aruba_mobility_controllers2.4.8.11-fips
• aruba_networks / aruba_mobility_controllers2.3.6.15 – 2.3.6.15
• aruba_networks / aruba_mobility_controllers2.5.2.11 – 2.5.2.11
• aruba_networks / aruba_mobility_controllers2.5.4.25 – 2.5.4.25
• aruba_networks / aruba_mobility_controllers2.5.5.7 – 2.5.5.7
• aruba_networks / aruba_mobility_controllers3.1.1.3 – 3.1.1.3

References

• MISChttp://www.securityfocus.com/bid/27144
• VENDOR_ADVISORYhttp://secunia.com/advisories/28357
• MISChttp://www.securityfocus.com/archive/1/485831/100/0/threaded
• MISChttp://securityreason.com/securityalert/3529
• MISChttp://www.arubanetworks.com/support/alerts/aid-122207.asc