CVE Vulnerabilities

CVE-2000-0748

Published: Oct 20, 2000 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

OpenLDAP 1.2.11 and earlier improperly installs the ud binary with group write permissions, which could allow any user in that group to replace the binary with a Trojan horse.

Affected Software

Name Vendor Start Version End Version
Openldap Openldap 1.2.7 1.2.7
Openldap Openldap 1.2.11 1.2.11
Openldap Openldap 1.2.10 1.2.10
Openldap Openldap 1.2.8 1.2.8
Openldap Openldap 1.2.9 1.2.9

References