{
  "modified": "2025-08-09T19:01:28Z",
  "published": "2014-03-18T17:02:53Z",
  "id": "CVE-2014-0132",
  "details": "The SASL authentication functionality in 389 Directory Server before 1.2.11.26 allows remote authenticated users to connect as an arbitrary user and gain privileges via the authzid parameter in a SASL/GSSAPI bind.",
  "references": [
    {
      "type": "ADVISORY",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0292.html"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/57412"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/57427"
    },
    {
      "type": "EVIDENCE",
      "url": "https://fedorahosted.org/389/changeset/76acff12a86110d4165f94e2cba13ef5c7ebc38a/"
    },
    {
      "type": "FIX",
      "url": "https://fedorahosted.org/389/ticket/47739"
    }
  ]
}