Vulnerability in Fedoraproject 389_directory_server

CVE-2011-0022

The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x), when multiple unprivileged instances are configured, use 0777 permissions for the /var/run/dirsrv directory, which allows local users to cause a denial o…

EPSS: 0.000 (11.0th percentile) — read the EPSS interpretation.

Affected products

Fedoraproject 389_directory_server — versions 1.2.1, 1.2.2, 1.2.3
Redhat Directory_server — versions 8.2, 8.2.3
N/a — versions n/a

Weakness classification (CWE)

CWE-399

References

1025102 (vdb-entry, x_refsource_SECTRACK)
RHSA-2011:0293 (x_refsource_REDHAT, vendor-advisory)
secalert@redhat.com (x_refsource_CONFIRM)
46489 (vdb-entry, x_refsource_BID)