nss-ldapd before 0.6.8 uses world-readable permissions for the /etc/nss-ldapd.conf file, which allows local users to obtain a cleartext password for the LDAP server by reading the bindpw field.
Max CVSS
5.5
EPSS Score
0.04%
Published
2009-03-31
Updated
2024-02-15
1 vulnerabilities found