389 Directory Server prior to 1.2.11.6 (aka Red Hat Directory Server prior to 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote malicious users to read the plaintext password via the unhashed#user#password attribute.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat directory server 7.1 |
||
redhat directory server |
||
redhat directory server 8.1 |
||
redhat directory server 8.0 |
||
fedoraproject 389 directory server 1.2.6 |
||
fedoraproject 389 directory server 1.2.2 |
||
fedoraproject 389 directory server 1.2.3 |
||
fedoraproject 389 directory server 1.2.8 |
||
fedoraproject 389 directory server 1.2.8.1 |
||
fedoraproject 389 directory server 1.2.10.1 |
||
fedoraproject 389 directory server 1.2.10.2 |
||
fedoraproject 389 directory server 1.2.6.1 |
||
fedoraproject 389 directory server 1.2.5 |
||
fedoraproject 389 directory server 1.2.1 |
||
fedoraproject 389 directory server 1.2.10 |
||
fedoraproject 389 directory server |
||
fedoraproject 389 directory server 1.2.7 |
||
fedoraproject 389 directory server 1.2.8.2 |
||
fedoraproject 389 directory server 1.2.10.3 |
||
fedoraproject 389 directory server 1.2.10.4 |
||
fedoraproject 389 directory server 1.2.7.5 |
||
fedoraproject 389 directory server 1.2.8.3 |
||
fedoraproject 389 directory server 1.2.9.9 |
||
fedoraproject 389 directory server 1.2.10.7 |
||
fedoraproject 389 directory server 1.2.11.1 |