Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2678

Overview

Vulnerability Score 1.2 1.2
CVE Id CVE-2012-2678
Last Modified 05 Dec 2013 12:14:11
Published 03 Jul 2012 12:40:33
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2012-2678

Summary

389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#password attribute.

Vulnerable Systems

Application

  • Fedoraproject 389 Directory Server 1.2.1

  • Fedoraproject 389 Directory Server 1.2.10

  • Fedoraproject 389 Directory Server 1.2.10.1

  • Fedoraproject 389 Directory Server 1.2.10.2

  • Fedoraproject 389 Directory Server 1.2.10.3

  • Fedoraproject 389 Directory Server 1.2.10.4

  • Fedoraproject 389 Directory Server 1.2.10.7

  • Fedoraproject 389 Directory Server 1.2.11.1

  • Fedoraproject 389 Directory Server 1.2.11.5

  • Fedoraproject 389 Directory Server 1.2.2

  • Fedoraproject 389 Directory Server 1.2.3

  • Fedoraproject 389 Directory Server 1.2.5

  • Fedoraproject 389 Directory Server 1.2.6

  • Fedoraproject 389 Directory Server 1.2.6.1

  • Fedoraproject 389 Directory Server 1.2.7

  • Fedoraproject 389 Directory Server 1.2.7.5

  • Fedoraproject 389 Directory Server 1.2.8

  • Fedoraproject 389 Directory Server 1.2.8.1

  • Fedoraproject 389 Directory Server 1.2.8.2

  • Fedoraproject 389 Directory Server 1.2.8.3

  • Fedoraproject 389 Directory Server 1.2.9.9

  • Redhat Directory Server 7.1

  • Redhat Directory Server 8.0

  • Redhat Directory Server 8.1

  • Redhat Directory Server 8.2


References

BID - 54153

SECUNIA - 49734

REDHAT - RHSA-2012:1041

REDHAT - RHSA-2012:0997

OSVDB - 83336

CONFIRM - http://directory.fedoraproject.org/wiki/Release_Notes

HP - SSRT101189

HP - HPSBUX02881


Last Updated: 27 May 2016 10:54:50