Information disclosure in Novell Suse_linux_enterprise_server

CVE-2008-5423

Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector 1.1 and 2.0 expose the LDAP password during a configuration step, which allows local users to discover the Sun Ray administration password, and obtain admin access to th…

Vulnerability class: Information Disclosure

EPSS: 0.003 (23.1th percentile) — read the EPSS interpretation.

Affected products

Novell Suse_linux_enterprise_server — versions 9, 8
Sun Java_desktop_system — versions 2.0
Sun Ray_server_software — versions 3.0, 3.1, 4.0
Sun Ray_windows_connector — versions 1.1, 2.0
Sun Solaris — versions 8, 9, 10
Redhat Enterprise_linux — versions 4, 3
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
cve@mitre.org (vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (vendor-advisory, Patch, x_refsource_SUNALERT)
cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (vdb-entry, x_refsource_VUPEN)
cve@mitre.org (x_refsource_CONFIRM, Patch)