Sun Solaris LDAP2 RootDN Password Disclosure Vulnerability
BID:17479
Info
Sun Solaris LDAP2 RootDN Password Disclosure Vulnerability
| Bugtraq ID: | 17479 |
| Class: | Design Error |
| CVE: |
CVE-2006-1782 |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 11 2006 12:00AM |
| Updated: | Aug 17 2006 12:35PM |
| Credit: | Michael Gerdts discovered this issue. |
| Vulnerable: |
Sun Trusted Solaris 8.0 Sun Solaris 9_x86 Sun Solaris 9 Sun Solaris 8_x86 Sun Solaris 8_sparc Avaya Interactive Response 1.3 Avaya Interactive Response 1.2.1 Avaya Interactive Response 2.0 Avaya CMS Server 13.0 Avaya CMS Server 12.0 Avaya CMS Server 11.0 Avaya CMS Server 9.0 Avaya CMS Server 13.1 |
| Not Vulnerable: | |
Discussion
Sun Solaris LDAP2 RootDN Password Disclosure Vulnerability
Sun Solaris LDAP2 is prone to an information disclosure vulnerability.
A successful attack can allow unprivileged attackers to compromise a directory server by gaining access to the rootDN password that would allow them to add, delete, and search records in the server.
Sun Solaris LDAP2 is prone to an information disclosure vulnerability.
A successful attack can allow unprivileged attackers to compromise a directory server by gaining access to the rootDN password that would allow them to add, delete, and search records in the server.
Exploit / POC
Sun Solaris LDAP2 RootDN Password Disclosure Vulnerability
An exploit is not required.
An exploit is not required.
Solution / Fix
Sun Solaris LDAP2 RootDN Password Disclosure Vulnerability
Solution:
Sun has released an advisory with fixes to address this issue.
Please see references for more information and vendor advisories.
Sun Solaris 8_x86
Sun Solaris 8_sparc
Sun Solaris 9
Sun Solaris 9_x86
Solution:
Sun has released an advisory with fixes to address this issue.
Please see references for more information and vendor advisories.
Sun Solaris 8_x86
Sun Solaris 8_sparc
Sun Solaris 9
Sun Solaris 9_x86
References
Sun Solaris LDAP2 RootDN Password Disclosure Vulnerability
References:
References: