Candidate: CVE-2012-2678
PublicDate: 2012-07-03 16:40:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2678
 https://rhn.redhat.com/errata/RHSA-2012-0997.html
Description:
 389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before
 8.2.10-3), after the password for a LDAP user has been changed and before
 the server has been reset, allows remote attackers to read the plaintext
 password via the unhashed#user#password attribute.
Ubuntu-Description:
Notes:
Bugs:
 https://bugzilla.redhat.com/show_bug.cgi?id=829933
 https://fedorahosted.org/389/ticket/378
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_389-ds-base:
upstream_389-ds-base: released (1.2.11.6)
hardy_389-ds-base: DNE
lucid_389-ds-base: DNE
natty_389-ds-base: DNE
oneiric_389-ds-base: DNE
precise_389-ds-base: ignored (reached end-of-life)
precise/esm_389-ds-base: DNE (precise was needed)
quantal_389-ds-base: ignored (reached end-of-life)
raring_389-ds-base: ignored (reached end-of-life)
saucy_389-ds-base: ignored (reached end-of-life)
trusty_389-ds-base: not-affected (1.3.2.16-0ubuntu1)
trusty/esm_389-ds-base: DNE (trusty was not-affected [1.3.2.16-0ubuntu1])
utopic_389-ds-base: not-affected (1.3.2.16-0ubuntu1)
vivid_389-ds-base: not-affected (1.3.2.16-0ubuntu1)
vivid/stable-phone-overlay_389-ds-base: DNE
vivid/ubuntu-core_389-ds-base: DNE
wily_389-ds-base: not-affected (1.3.2.16-0ubuntu1)
xenial_389-ds-base: not-affected (1.3.2.16-0ubuntu1)
yakkety_389-ds-base: not-affected (1.3.2.16-0ubuntu1)
zesty_389-ds-base: not-affected (1.3.2.16-0ubuntu1)
devel_389-ds-base: not-affected (1.3.2.16-0ubuntu1)