OpenLDAP 1.2.11 and earlier improperly installs the ud binary with group write permissions, which could allow any user in that group to replace the binary with a Trojan horse.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openldap | Openldap | 1.2.7 | 1.2.7 |
Openldap | Openldap | 1.2.11 | 1.2.11 |
Openldap | Openldap | 1.2.10 | 1.2.10 |
Openldap | Openldap | 1.2.8 | 1.2.8 |
Openldap | Openldap | 1.2.9 | 1.2.9 |