| Revision Date: | 2015-03-10 | Version: | 1 | | Title: | CVE-2014-8112 on Ubuntu 18.10 (cosmic) - low. | | Description: | 389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2014-8112
| | Platform(s): | Ubuntu 18.10
| Product(s): | | | Definition Synopsis | | Ubuntu 18.10 (cosmic) is installed. AND Package Information
NOT 389-ds package in cosmic, while related to the CVE in some way, is not affected.
OR NOT 389-ds-base package in cosmic, while related to the CVE in some way, is not affected.
OR NOT 389-ds-base-libs package in cosmic, while related to the CVE in some way, is not affected.
OR NOT cockpit-389-ds package in cosmic, while related to the CVE in some way, is not affected.
OR NOT python3-dirsrvtests package in cosmic, while related to the CVE in some way, is not affected.
OR NOT python3-lib389 package in cosmic, while related to the CVE in some way, is not affected.
|
|