Описание
ldapscripts 1.4 and 1.7 sends a password as a command line argument when calling some LDAP programs, which might allow local users to read the password by listing the process and its arguments, as demonstrated by a call to ldappasswd in the _changepassword function.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 1.7.1-2 |
| edgy | ignored | end of life, was needed |
| feisty | ignored | end of life, was needed |
| gutsy | ignored | end of life, was needed |
| hardy | released | 1.7.1-2 |
| intrepid | released | 1.7.1-2 |
| jaunty | released | 1.7.1-2 |
| karmic | released | 1.7.1-2 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
2.1 Low
CVSS2
Связанные уязвимости
ldapscripts 1.4 and 1.7 sends a password as a command line argument when calling some LDAP programs, which might allow local users to read the password by listing the process and its arguments, as demonstrated by a call to ldappasswd in the _changepassword function.
ldapscripts 1.4 and 1.7 sends a password as a command line argument wh ...
ldapscripts 1.4 and 1.7 sends a password as a command line argument when calling some LDAP programs, which might allow local users to read the password by listing the process and its arguments, as demonstrated by a call to ldappasswd in the _changepassword function.
Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику нарушить конфиденциальность защищаемой информации
EPSS
2.1 Low
CVSS2