You are here

U-200: Red Hat Directory Server Information Disclosure Security Issue and Vulnerability

June 27, 2012 - 7:00am

Addthis

PROBLEM:

A security issue and a vulnerability have been reported in Red Hat Directory Server, which can be exploited by malicious users to disclose sensitive information.

PLATFORM:

Red Hat Directory Server 8.x

ABSTRACT:

If an LDAP user had changed their password, and the directory server had not been restarted since that change, an attacker able to bind to the directory server could obtain the plain text version of that user's password.

Reference Links:

Original Advisory
Secunia ID 49734
CVE-2012-2678, CVE-2012-2746

IMPACT ASSESSMENT:

Medium

Discussion:

1) The security issue is caused due to new passwords being saved to the audit log in plain text and can be exploited to disclose a user's password. Successful exploitation of the security issue requires that the audit log is enabled (disabled by default).

2) The vulnerability is caused due to an error when changing password and can be exploited to disclose a user's password via the "unhashed#user#password" attribute. Successful exploitation of the vulnerability requires that the server hasn't been restarted since the password change.

Impact:

Exposure of sensitive information from local network

Solution:

Updated packages are available via Red Hat Network.

Addthis