Microsoft is releasing this security advisory to provide information about a vulnerability in .NET. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A Information Disclosure vulnerability exists in .NET where System.DirectoryServices.Protocols.LdapConnection may send credentials in plain text on Linux.
Patches
Any .NET application that uses System.DirectoryServices.Protocols with a vulnerable version listed below on system based on Linux.
| Package name |
Vulnerable versions |
Secure versions |
| System.DirectoryServices.Protocols |
5.0.0 |
5.0.1 |
Other Details
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A Information Disclosure vulnerability exists in .NET where System.DirectoryServices.Protocols.LdapConnection may send credentials in plain text on Linux.
Patches
Any .NET application that uses
System.DirectoryServices.Protocolswith a vulnerable version listed below on system based on Linux.Other Details