Vulnerabilities > Debian > NSS Ldap > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-03-31 | CVE-2009-1073 | Incorrect Permission Assignment for Critical Resource vulnerability in Debian Linux and Nss-Ldap nss-ldapd before 0.6.8 uses world-readable permissions for the /etc/nss-ldapd.conf file, which allows local users to obtain a cleartext password for the LDAP server by reading the bindpw field. | 5.5 |