Ldapscripts » Ldapscripts : Security Vulnerabilities, CVEs,
ldapscripts 1.4 and 1.7 sends a password as a command line argument when calling some LDAP programs, which might allow local users to read the password by listing the process and its arguments, as demonstrated by a call to ldappasswd in the _changepassword function.
Max CVSS
2.1
EPSS Score
0.04%
Published
2007-10-11
Updated
2017-07-29
1 vulnerabilities found