Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), when the password of a LDAP user has been changed and audit logging is enabled, saves the new password to the log in plain text, which allows remote authenticated users to read the password.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
389 Directory Server 多个信息泄露漏洞
Vulnerability Description
Red Hat 389 Directory Server(前称Fedora Directory Server)是美国红帽(Red Hat)公司的一款企业级的Linux目录服务器。该服务器完全支持LDAPv3规范,具有可扩展、多主复制等特点。 389 Directory Server 1.2.11.6之前版本(Red Hat Directory Server 8.2.10-3之前版本)中存在漏洞,该漏洞源于LDAP用户更改密码时,新的密码会以明文方式写入到审计日志中。攻击者可利用该漏洞泄露敏感信息及用户密码
CVSS Information
N/A
Vulnerability Type
N/A