Vulnerabilities > Debian > NSS Ldap > Medium

DATE CVE VULNERABILITY TITLE RISK
2009-03-31 CVE-2009-1073 Incorrect Permission Assignment for Critical Resource vulnerability in Debian Linux and Nss-Ldap
nss-ldapd before 0.6.8 uses world-readable permissions for the /etc/nss-ldapd.conf file, which allows local users to obtain a cleartext password for the LDAP server by reading the bindpw field.
local
low complexity
debian CWE-732
5.5