The (1) setup-ds.pl and (2) setup-ds-admin.pl setup scripts for Red Hat Directory Server 8 prior to 8.2 use world-readable permissions when creating cache files, which allows local users to obtain sensitive information including passwords for Directory and Administration Server administrative accounts.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat directory server 8.0 |
||
redhat directory server 8.1 |