VYPR
Unrated severityNVD Advisory· Published Apr 17, 2008· Updated Jun 16, 2026

CVE-2007-6714

CVE-2007-6714

Description

DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such as Active Directory, allows remote attackers to bypass authentication via an empty password, which causes the LDAP bind to indicate success based on anonymous authentication.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

10
  • Dbmail/Dbmail10 versions
    cpe:2.3:a:dbmail:dbmail:2.2.6:*:*:*:*:*:*:*+ 9 more
    • cpe:2.3:a:dbmail:dbmail:2.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:dbmail:dbmail:2.2.6:rc1:*:*:*:*:*:*
    • cpe:2.3:a:dbmail:dbmail:2.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:dbmail:dbmail:2.2.7:rc1:*:*:*:*:*:*
    • cpe:2.3:a:dbmail:dbmail:2.2.7:rc2:*:*:*:*:*:*
    • cpe:2.3:a:dbmail:dbmail:2.2.7:rc3:*:*:*:*:*:*
    • cpe:2.3:a:dbmail:dbmail:2.2.7:rc4:*:*:*:*:*:*
    • cpe:2.3:a:dbmail:dbmail:2.2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:dbmail:dbmail:2.2.8:rc1:*:*:*:*:*:*
    • (no CPE)range: <2.2.9

Patches

Vulnerability mechanics

References

13

News mentions

0

No linked articles in our index yet.