Computer Security
[EN] securityvulns.ru no-pyccku


nss-ldapd Weak file permissions
Published:01.04.2009
Source:
SecurityVulns ID:9788
Type:local
Threat Level:
5/10
Description:/etc/nss-ldapd.conf flie with LDAP password is world readable.
Affected:NSSLDAP : nss-ldapd 0.6
CVE:CVE-2009-1073 (nss-ldapd before 0.6.8 uses world-readable permissions for the /etc/nss-ldapd.conf file, which allows local users to obtain a cleartext password for the LDAP server by reading the bindpw field.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1758-1] New nss-ldapd packages fix information disclosure (01.04.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod