Vulnerability in Redhat Directory_server
CVE-2010-2241
The (1) setup-ds.pl and (2) setup-ds-admin.pl setup scripts for Red Hat Directory Server 8 before 8.2 use world-readable permissions when creating cache files, which allows local users to obtain sensitive information including passwords fo…
EPSS: 0.000 (15.1th percentile) — read the EPSS interpretation.
Affected products
- Redhat Directory_server — versions 8.0, 8.1
- N/a — versions n/a
Weakness classification (CWE)
References
- 1024281 (vdb-entry, x_refsource_SECTRACK)
- 66962 (x_refsource_OSVDB, vdb-entry)
- secalert@redhat.com (x_refsource_CONFIRM)
- RHSA-2010:0590 (x_refsource_REDHAT, vendor-advisory)
- 40811 (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)