CVE-2009-2856

CVE-2009-2856 · LOW Severity

AV:N/AC:M/AU:S/C:P/I:N/A:N

Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding is enabled, does not properly handle a client's attempt to establish an authenticated and encrypted connection, which might allow remote attackers to read cleartext VDI configuration-data requests by sniffing LDAP sessions on the network.

Learn more about our Cis Benchmark Audit For Bind.