Launchpad.net

CVE 2014-3999

The Horde_Ldap library before 2.0.6 for Horde allows remote attackers to bypass authentication by leveraging knowledge of the LDAP bind user DN.

See the CVE page on Mitre.org for more details.