Candidate: CVE-2012-2746
PublicDate: 2012-07-03 16:40:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2746
 https://rhn.redhat.com/errata/RHSA-2012-0997.html
Description:
 389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before
 8.2.10-3), when the password of a LDAP user has been changed and audit
 logging is enabled, saves the new password to the log in plain text, which
 allows remote authenticated users to read the password.
Ubuntu-Description:
Notes:
Bugs:
 https://bugzilla.redhat.com/show_bug.cgi?id=833482
 https://fedorahosted.org/389/ticket/365
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_389-ds-base:
upstream_389-ds-base: released (1.3.0.2)
hardy_389-ds-base: DNE
lucid_389-ds-base: DNE
natty_389-ds-base: DNE
oneiric_389-ds-base: DNE
precise_389-ds-base: ignored (reached end-of-life)
precise/esm_389-ds-base: DNE (precise was needs-triage)
quantal_389-ds-base: ignored (reached end-of-life)
raring_389-ds-base: ignored (reached end-of-life)
saucy_389-ds-base: ignored (reached end-of-life)
trusty_389-ds-base: not-affected (1.3.2.16-0ubuntu1)
trusty/esm_389-ds-base: DNE (trusty was not-affected [1.3.2.16-0ubuntu1])
utopic_389-ds-base: not-affected (1.3.2.16-0ubuntu1)
vivid_389-ds-base: not-affected (1.3.2.16-0ubuntu1)
vivid/stable-phone-overlay_389-ds-base: DNE
vivid/ubuntu-core_389-ds-base: DNE
wily_389-ds-base: not-affected (1.3.2.16-0ubuntu1)
xenial_389-ds-base: not-affected (1.3.2.16-0ubuntu1)
yakkety_389-ds-base: not-affected (1.3.2.16-0ubuntu1)
zesty_389-ds-base: not-affected (1.3.2.16-0ubuntu1)
devel_389-ds-base: not-affected (1.3.2.16-0ubuntu1)