Computer Security
[EN] securityvulns.ru no-pyccku


HP-UX Directory Server informaton leakage
Published:27.05.2013
Source:
SecurityVulns ID:13090
Type:remote
Threat Level:
5/10
Affected:HP : HP-UX 11.31
CVE:CVE-2012-2746 (389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), when the password of a LDAP user has been changed and audit logging is enabled, saves the new password to the log in plain text, which allows remote authenticated users to read the password.)
 CVE-2012-2678 (389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#password attribute.)
Original documentdocumentHP, [security bulletin] HPSBUX02881 SSRT101189 rev.1 - HP-UX Directory Server, Remote Disclosure of Information (27.05.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod