Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
/usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets weak permissions for the TLS certificate, which allows local users to obtain the TLS certificate by leveraging a race condition between the creation of the certificate, and the chmod to protect it.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenLDAP openldap-servers 竞争条件漏洞
Vulnerability Description
OpenLDAP是美国OpenLDAP基金会的一个轻型目录访问协议(LDAP)的自由和开源实现,它已被包含在Linux发行版中。openldap-servers是其中的一个服务器端。 OpenLDAP openldap-servers中的/usr/libexec/openldap/generate-server-cert.sh文件存在安全漏洞,该漏洞源于程序为TLS证书设置了弱权限。本地攻击者可利用该漏洞获取TLS证书。
CVSS Information
N/A
Vulnerability Type
N/A