Rapid7 Vulnerability & Exploit Database

ELSA-2012-0997 Moderate: Oracle Linux 389-ds-base security update

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

ELSA-2012-0997 Moderate: Oracle Linux 389-ds-base security update

Severity

CVSS

(AV:N/AC:H/Au:S/C:P/I:N/A:N)

Published

06/30/2012

Created

07/25/2018

Added

07/17/2012

Modified

04/11/2019

Description

389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), when the password of a LDAP user has been changed and audit logging is enabled, saves the new password to the log in plain text, which allows remote authenticated users to read the password.

Solution(s)

oracle-linux-upgrade-389-ds-base
oracle-linux-upgrade-389-ds-base-devel
oracle-linux-upgrade-389-ds-base-libs

References

https://attackerkb.com/topics/cve-2012-2678
54153
CVE - 2012-2678
CVE - 2012-2746
OVAL19241
OVAL19353
RHSA-2012:0997
RHSA-2012:1041
http://oss.oracle.com/pipermail/el-errata/2012-June/002889.html
76595

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

ELSA-2012-0997 Moderate: Oracle Linux 389-ds-base security update

ELSA-2012-0997 Moderate: Oracle Linux 389-ds-base security update

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.