{"cve": [{"lastseen": "2019-05-29T18:12:22", "bulletinFamily": "NVD", "description": "389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), when the password of a LDAP user has been changed and audit logging is enabled, saves the new password to the log in plain text, which allows remote authenticated users to read the password.", "modified": "2017-09-19T01:34:00", "id": "CVE-2012-2746", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2746", "published": "2012-07-03T16:40:00", "title": "CVE-2012-2746", "type": "cve", "cvss": {"score": 2.1, "vector": "AV:N/AC:H/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:12:22", "bulletinFamily": "NVD", "description": "389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#password attribute.", "modified": "2017-09-19T01:34:00", "id": "CVE-2012-2678", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2678", "published": "2012-07-03T16:40:00", "title": "CVE-2012-2678", "type": "cve", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:P/I:N/A:N"}}], "openvas": [{"lastseen": "2018-01-02T10:57:36", "bulletinFamily": "scanner", "description": "Check for the Version of 389-ds-base", "modified": "2017-12-29T00:00:00", "published": "2012-07-30T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=881214", "id": "OPENVAS:881214", "title": "CentOS Update for 389-ds-base CESA-2012:0997 centos6 ", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for 389-ds-base CESA-2012:0997 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The 389 Directory Server is an LDAPv3 compliant server. The base packages\n include the Lightweight Directory Access Protocol (LDAP) server and\n command-line utilities for server administration.\n\n A flaw was found in the way 389 Directory Server handled password changes.\n If an LDAP user has changed their password, and the directory server has\n not been restarted since that change, an attacker able to bind to the\n directory server could obtain the plain text version of that user's\n password via the "unhashed#user#password" attribute. (CVE-2012-2678)\n \n It was found that when the password for an LDAP user was changed, and audit\n logging was enabled (it is disabled by default), the new password was\n written to the audit log in plain text form. This update introduces a new\n configuration parameter, "nsslapd-auditlog-logging-hide-unhashed-pw", which\n when set to "on" (the default option), prevents 389 Directory Server from\n writing plain text passwords to the audit log. This option can be\n configured in "/etc/dirsrv/slapd-[ID]/dse.ldif". (CVE-2012-2746)\n \n All users of 389-ds-base are advised to upgrade to these updated packages,\n which resolve these issues. After installing this update, the 389 server\n service will be restarted automatically.\";\n\ntag_affected = \"389-ds-base on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-July/018726.html\");\n script_id(881214);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:47:54 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-2678\", \"CVE-2012-2746\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:S/C:P/I:N/A:N\");\n script_xref(name: \"CESA\", value: \"2012:0997\");\n script_name(\"CentOS Update for 389-ds-base CESA-2012:0997 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of 389-ds-base\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"389-ds-base\", rpm:\"389-ds-base~1.2.10.2~18.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"389-ds-base-devel\", rpm:\"389-ds-base-devel~1.2.10.2~18.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"389-ds-base-libs\", rpm:\"389-ds-base-libs~1.2.10.2~18.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-06T13:07:14", "bulletinFamily": "scanner", "description": "Check for the Version of 389-ds-base", "modified": "2018-01-05T00:00:00", "published": "2012-06-22T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=870770", "id": "OPENVAS:870770", "title": "RedHat Update for 389-ds-base RHSA-2012:0997-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for 389-ds-base RHSA-2012:0997-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The 389 Directory Server is an LDAPv3 compliant server. The base packages\n include the Lightweight Directory Access Protocol (LDAP) server and\n command-line utilities for server administration.\n\n A flaw was found in the way 389 Directory Server handled password changes.\n If an LDAP user has changed their password, and the directory server has\n not been restarted since that change, an attacker able to bind to the\n directory server could obtain the plain text version of that user's\n password via the "unhashed#user#password" attribute. (CVE-2012-2678)\n\n It was found that when the password for an LDAP user was changed, and audit\n logging was enabled (it is disabled by default), the new password was\n written to the audit log in plain text form. This update introduces a new\n configuration parameter, "nsslapd-auditlog-logging-hide-unhashed-pw", which\n when set to "on" (the default option), prevents 389 Directory Server from\n writing plain text passwords to the audit log. This option can be\n configured in "/etc/dirsrv/slapd-[ID]/dse.ldif". (CVE-2012-2746)\n\n All users of 389-ds-base are advised to upgrade to these updated packages,\n which resolve these issues. After installing this update, the 389 server\n service will be restarted automatically.\";\n\ntag_affected = \"389-ds-base on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-June/msg00040.html\");\n script_id(870770);\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:26:17 +0530 (Fri, 22 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:S/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2012-2678\", \"CVE-2012-2746\");\n script_xref(name: \"RHSA\", value: \"2012:0997-01\");\n script_name(\"RedHat Update for 389-ds-base RHSA-2012:0997-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of 389-ds-base\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"389-ds-base\", rpm:\"389-ds-base~1.2.10.2~18.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"389-ds-base-debuginfo\", rpm:\"389-ds-base-debuginfo~1.2.10.2~18.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"389-ds-base-libs\", rpm:\"389-ds-base-libs~1.2.10.2~18.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:36:31", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2012-0997", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123872", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123872", "title": "Oracle Linux Local Check: ELSA-2012-0997", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-0997.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123872\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:09:40 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0997\");\n script_tag(name:\"insight\", value:\"ELSA-2012-0997 - 389-ds-base security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0997\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0997.html\");\n script_cve_id(\"CVE-2012-2678\", \"CVE-2012-2746\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:S/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"389-ds-base\", rpm:\"389-ds-base~1.2.10.2~18.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"389-ds-base-devel\", rpm:\"389-ds-base-devel~1.2.10.2~18.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"389-ds-base-libs\", rpm:\"389-ds-base-libs~1.2.10.2~18.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 2.1, "vector": "AV:N/AC:H/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:38:46", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-12T00:00:00", "published": "2012-06-22T00:00:00", "id": "OPENVAS:1361412562310870770", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870770", "title": "RedHat Update for 389-ds-base RHSA-2012:0997-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for 389-ds-base RHSA-2012:0997-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-June/msg00040.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870770\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:26:17 +0530 (Fri, 22 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:S/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2012-2678\", \"CVE-2012-2746\");\n script_xref(name:\"RHSA\", value:\"2012:0997-01\");\n script_name(\"RedHat Update for 389-ds-base RHSA-2012:0997-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the '389-ds-base'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"389-ds-base on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The 389 Directory Server is an LDAPv3 compliant server. The base packages\n include the Lightweight Directory Access Protocol (LDAP) server and\n command-line utilities for server administration.\n\n A flaw was found in the way 389 Directory Server handled password changes.\n If an LDAP user has changed their password, and the directory server has\n not been restarted since that change, an attacker able to bind to the\n directory server could obtain the plain text version of that user's\n password via the 'unhashed#user#password' attribute. (CVE-2012-2678)\n\n It was found that when the password for an LDAP user was changed, and audit\n logging was enabled (it is disabled by default), the new password was\n written to the audit log in plain text form. This update introduces a new\n configuration parameter, 'nsslapd-auditlog-logging-hide-unhashed-pw', which\n when set to 'on' (the default option), prevents 389 Directory Server from\n writing plain text passwords to the audit log. This option can be\n configured in '/etc/dirsrv/slapd-[ID]/dse.ldif'. (CVE-2012-2746)\n\n All users of 389-ds-base are advised to upgrade to these updated packages,\n which resolve these issues. After installing this update, the 389 server\n service will be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"389-ds-base\", rpm:\"389-ds-base~1.2.10.2~18.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"389-ds-base-debuginfo\", rpm:\"389-ds-base-debuginfo~1.2.10.2~18.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"389-ds-base-libs\", rpm:\"389-ds-base-libs~1.2.10.2~18.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:N/AC:H/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:10", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:1361412562310881214", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881214", "title": "CentOS Update for 389-ds-base CESA-2012:0997 centos6", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for 389-ds-base CESA-2012:0997 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-July/018726.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881214\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:47:54 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-2678\", \"CVE-2012-2746\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:S/C:P/I:N/A:N\");\n script_xref(name:\"CESA\", value:\"2012:0997\");\n script_name(\"CentOS Update for 389-ds-base CESA-2012:0997 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the '389-ds-base'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"389-ds-base on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The 389 Directory Server is an LDAPv3 compliant server. The base packages\n include the Lightweight Directory Access Protocol (LDAP) server and\n command-line utilities for server administration.\n\n A flaw was found in the way 389 Directory Server handled password changes.\n If an LDAP user has changed their password, and the directory server has\n not been restarted since that change, an attacker able to bind to the\n directory server could obtain the plain text version of that user's\n password via the 'unhashed#user#password' attribute. (CVE-2012-2678)\n\n It was found that when the password for an LDAP user was changed, and audit\n logging was enabled (it is disabled by default), the new password was\n written to the audit log in plain text form. This update introduces a new\n configuration parameter, 'nsslapd-auditlog-logging-hide-unhashed-pw', which\n when set to 'on' (the default option), prevents 389 Directory Server from\n writing plain text passwords to the audit log. This option can be\n configured in '/etc/dirsrv/slapd-[ID]/dse.ldif'. (CVE-2012-2746)\n\n All users of 389-ds-base are advised to upgrade to these updated packages,\n which resolve these issues. After installing this update, the 389 server\n service will be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"389-ds-base\", rpm:\"389-ds-base~1.2.10.2~18.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"389-ds-base-devel\", rpm:\"389-ds-base-devel~1.2.10.2~18.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"389-ds-base-libs\", rpm:\"389-ds-base-libs~1.2.10.2~18.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:N/AC:H/Au:S/C:P/I:N/A:N"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:51", "bulletinFamily": "software", "description": "No description provided", "modified": "2013-05-27T00:00:00", "published": "2013-05-27T00:00:00", "id": "SECURITYVULNS:VULN:13090", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13090", "title": "HP-UX Directory Server informaton leakage", "type": "securityvulns", "cvss": {"score": 2.1, "vector": "AV:NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:48", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c03772083\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c03772083\r\nVersion: 1\r\n\r\nHPSBUX02881 SSRT101189 rev.1 - HP-UX Directory Server, Remote Disclosure of\r\nInformation\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2013-05-23\r\nLast Updated: 2013-05-23\r\n\r\nPotential Security Impact: Remote disclosure of information\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security vulnerability has been identified in HP-UX Directory\r\nServer. The vulnerability could be exploited remotely resulting in\r\ninformation disclosure.\r\n\r\nReferences: CVE-2012-2678, CVE-2012-2746\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP-UX Directory Server B.08.10.04\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2012-2678 (AV:L/AC:H/Au:N/C:P/I:N/A:N) 1.2\r\nCVE-2012-2746 (AV:N/AC:H/Au:S/C:P/I:N/A:N) 2.1\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP has provided the following upgrade to resolve these vulnerabilities.\r\nThe upgrade is available at https://h20392.www2.hp.com/portal/swdepot/display\r\nProductInfo.do?productNumber=HPDirSvr\r\n\r\nProduct Version\r\n Directory Server Depot name\r\n\r\nHP-UX Directory Server B.08.10.05\r\n HP-UX_11.31_HPDirSvr_B.08.10.05_HP-UX_B.11.31_IA.depot\r\n\r\nMANUAL ACTIONS: Yes - Update\r\n\r\nInstall HP-UX Directory Server B.08.10.05 or subsequent\r\n\r\nPRODUCT SPECIFIC INFORMATION\r\n\r\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\r\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\r\nissued by HP and lists recommended actions that may apply to a specific HP-UX\r\nsystem. It can also download patches and create a depot automatically. For\r\nmore information see: https://www.hp.com/go/swa\r\n\r\nThe following text is for use by the HP-UX Software Assistant.\r\n\r\nAFFECTED VERSIONS\r\n\r\nHP-UX B.11.31\r\n==================\r\nHpuxDirSvr.ADMSVR-RUN\r\nHpuxDirSvr.ADMSVR-SHARED\r\nHpuxDirSvr.CORE-RUN\r\nHpuxDirSvr.GUI-HELP\r\nHpuxDirSvr.GUI-RUN\r\nHpuxDirSvr.GUI-SHARED\r\nHpuxDirSvr.SLAPD-DEVEL\r\nHpuxDirSvr.SLAPD-RUN\r\nHpuxDirSvr.SLAPD-SHARED\r\naction: install revision B.08.10.05 or subsequent\r\n\r\nEND AFFECTED VERSIONS\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 23 May 2013 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin List: A list of HP Security Bulletins, updated\r\nperiodically, is contained in HP Security Notice HPSN-2011-001:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c02964430\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttp://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2013 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits;damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.13 (GNU/Linux)\r\n\r\niEYEARECAAYFAlGenKUACgkQ4B86/C0qfVlmbQCdGIl7T8J3EEUIgpEmE6P++Mks\r\nGHYAmwUUtbO5IObWAJbBWnIH6tAXeKVK\r\n=0iGg\r\n-----END PGP SIGNATURE-----\r\n", "modified": "2013-05-27T00:00:00", "published": "2013-05-27T00:00:00", "id": "SECURITYVULNS:DOC:29422", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29422", "title": "[security bulletin] HPSBUX02881 SSRT101189 rev.1 - HP-UX Directory Server, Remote Disclosure of Information", "type": "securityvulns", "cvss": {"score": 2.1, "vector": "AV:NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:PARTIAL/I:NONE/A:NONE/"}}], "redhat": [{"lastseen": "2019-08-13T18:45:56", "bulletinFamily": "unix", "description": "Red Hat Directory Server is an LDAPv3 compliant server. The base packages\ninclude the Lightweight Directory Access Protocol (LDAP) server and\ncommand-line utilities for server administration.\n\nA flaw was found in the way Red Hat Directory Server handled password\nchanges. If an LDAP user had changed their password, and the directory\nserver had not been restarted since that change, an attacker able to bind\nto the directory server could obtain the plain text version of that user's\npassword via the \"unhashed#user#password\" attribute. (CVE-2012-2678)\n\nIt was found that when the password for an LDAP user was changed, and audit\nlogging was enabled (it is disabled by default), the new password was\nwritten to the audit log in plain text form. This update introduces a new\nconfiguration parameter, \"nsslapd-auditlog-logging-hide-unhashed-pw\", which\nwhen set to \"on\" (the default option), prevents Red Hat Directory Server\nfrom writing plain text passwords to the audit log. This option can be\nconfigured in \"/etc/dirsrv/slapd-[ID]/dse.ldif\". (CVE-2012-2746)\n\nAll users of Red Hat Directory Server 8 are advised to upgrade to these\nupdated packages, which resolve these issues. After installing this update,\nthe dirsrv service will be restarted automatically.\n", "modified": "2017-09-08T12:12:12", "published": "2012-06-26T04:00:00", "id": "RHSA-2012:1041", "href": "https://access.redhat.com/errata/RHSA-2012:1041", "type": "redhat", "title": "(RHSA-2012:1041) Moderate: redhat-ds-base security update", "cvss": {"score": 2.1, "vector": "AV:N/AC:H/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2019-08-13T18:46:56", "bulletinFamily": "unix", "description": "The 389 Directory Server is an LDAPv3 compliant server. The base packages\ninclude the Lightweight Directory Access Protocol (LDAP) server and\ncommand-line utilities for server administration.\n\nA flaw was found in the way 389 Directory Server handled password changes.\nIf an LDAP user has changed their password, and the directory server has\nnot been restarted since that change, an attacker able to bind to the\ndirectory server could obtain the plain text version of that user's\npassword via the \"unhashed#user#password\" attribute. (CVE-2012-2678)\n\nIt was found that when the password for an LDAP user was changed, and audit\nlogging was enabled (it is disabled by default), the new password was\nwritten to the audit log in plain text form. This update introduces a new\nconfiguration parameter, \"nsslapd-auditlog-logging-hide-unhashed-pw\", which\nwhen set to \"on\" (the default option), prevents 389 Directory Server from\nwriting plain text passwords to the audit log. This option can be\nconfigured in \"/etc/dirsrv/slapd-[ID]/dse.ldif\". (CVE-2012-2746)\n\nAll users of 389-ds-base are advised to upgrade to these updated packages,\nwhich resolve these issues. After installing this update, the 389 server\nservice will be restarted automatically.\n", "modified": "2018-06-06T20:24:22", "published": "2012-06-20T04:00:00", "id": "RHSA-2012:0997", "href": "https://access.redhat.com/errata/RHSA-2012:0997", "type": "redhat", "title": "(RHSA-2012:0997) Moderate: 389-ds-base security update", "cvss": {"score": 2.1, "vector": "AV:N/AC:H/Au:S/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2020-02-01T01:31:17", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2012:0997 :\n\nUpdated 389-ds-base packages that fix two security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nA flaw was found in the way 389 Directory Server handled password\nchanges. If an LDAP user has changed their password, and the directory\nserver has not been restarted since that change, an attacker able to\nbind to the directory server could obtain the plain text version of\nthat user", "modified": "2020-02-02T00:00:00", "id": "ORACLELINUX_ELSA-2012-0997.NASL", "href": "https://www.tenable.com/plugins/nessus/68565", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 6 : 389-ds-base (ELSA-2012-0997)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:0997 and \n# Oracle Linux Security Advisory ELSA-2012-0997 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68565);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/30 10:58:17\");\n\n script_cve_id(\"CVE-2012-2678\", \"CVE-2012-2746\");\n script_bugtraq_id(54153);\n script_xref(name:\"RHSA\", value:\"2012:0997\");\n\n script_name(english:\"Oracle Linux 6 : 389-ds-base (ELSA-2012-0997)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:0997 :\n\nUpdated 389-ds-base packages that fix two security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nA flaw was found in the way 389 Directory Server handled password\nchanges. If an LDAP user has changed their password, and the directory\nserver has not been restarted since that change, an attacker able to\nbind to the directory server could obtain the plain text version of\nthat user's password via the 'unhashed#user#password' attribute.\n(CVE-2012-2678)\n\nIt was found that when the password for an LDAP user was changed, and\naudit logging was enabled (it is disabled by default), the new\npassword was written to the audit log in plain text form. This update\nintroduces a new configuration parameter,\n'nsslapd-auditlog-logging-hide-unhashed-pw', which when set to 'on'\n(the default option), prevents 389 Directory Server from writing plain\ntext passwords to the audit log. This option can be configured in\n'/etc/dirsrv/slapd-[ID]/dse.ldif'. (CVE-2012-2746)\n\nAll users of 389-ds-base are advised to upgrade to these updated\npackages, which resolve these issues. After installing this update,\nthe 389 server service will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-June/002889.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 389-ds-base packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:389-ds-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:389-ds-base-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:389-ds-base-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"389-ds-base-1.2.10.2-18.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"389-ds-base-devel-1.2.10.2-18.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"389-ds-base-libs-1.2.10.2-18.el6_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"389-ds-base / 389-ds-base-devel / 389-ds-base-libs\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:N/AC:H/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2020-02-01T01:42:45", "bulletinFamily": "scanner", "description": "Updated 389-ds-base packages that fix two security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nA flaw was found in the way 389 Directory Server handled password\nchanges. If an LDAP user has changed their password, and the directory\nserver has not been restarted since that change, an attacker able to\nbind to the directory server could obtain the plain text version of\nthat user", "modified": "2020-02-02T00:00:00", "id": "REDHAT-RHSA-2012-0997.NASL", "href": "https://www.tenable.com/plugins/nessus/59636", "published": "2012-06-21T00:00:00", "title": "RHEL 6 : 389-ds-base (RHSA-2012:0997)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0997. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59636);\n script_version (\"1.16\");\n script_cvs_date(\"Date: 2019/10/24 15:35:35\");\n\n script_cve_id(\"CVE-2012-2678\", \"CVE-2012-2746\");\n script_xref(name:\"RHSA\", value:\"2012:0997\");\n\n script_name(english:\"RHEL 6 : 389-ds-base (RHSA-2012:0997)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated 389-ds-base packages that fix two security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nA flaw was found in the way 389 Directory Server handled password\nchanges. If an LDAP user has changed their password, and the directory\nserver has not been restarted since that change, an attacker able to\nbind to the directory server could obtain the plain text version of\nthat user's password via the 'unhashed#user#password' attribute.\n(CVE-2012-2678)\n\nIt was found that when the password for an LDAP user was changed, and\naudit logging was enabled (it is disabled by default), the new\npassword was written to the audit log in plain text form. This update\nintroduces a new configuration parameter,\n'nsslapd-auditlog-logging-hide-unhashed-pw', which when set to 'on'\n(the default option), prevents 389 Directory Server from writing plain\ntext passwords to the audit log. This option can be configured in\n'/etc/dirsrv/slapd-[ID]/dse.ldif'. (CVE-2012-2746)\n\nAll users of 389-ds-base are advised to upgrade to these updated\npackages, which resolve these issues. After installing this update,\nthe 389 server service will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0997\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2678\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:S/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:389-ds-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:389-ds-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:389-ds-base-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:389-ds-base-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0997\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"389-ds-base-1.2.10.2-18.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"389-ds-base-1.2.10.2-18.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"389-ds-base-debuginfo-1.2.10.2-18.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"389-ds-base-debuginfo-1.2.10.2-18.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"389-ds-base-devel-1.2.10.2-18.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"389-ds-base-devel-1.2.10.2-18.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"389-ds-base-libs-1.2.10.2-18.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"389-ds-base-libs-1.2.10.2-18.el6_3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"389-ds-base / 389-ds-base-debuginfo / 389-ds-base-devel / etc\");\n }\n}\n", "cvss": {"score": 2.1, "vector": "AV:N/AC:H/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2020-02-01T06:44:04", "bulletinFamily": "scanner", "description": "Updated 389-ds-base packages that fix two security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nA flaw was found in the way 389 Directory Server handled password\nchanges. If an LDAP user has changed their password, and the directory\nserver has not been restarted since that change, an attacker able to\nbind to the directory server could obtain the plain text version of\nthat user", "modified": "2020-02-02T00:00:00", "id": "CENTOS_RHSA-2012-0997.NASL", "href": "https://www.tenable.com/plugins/nessus/59936", "published": "2012-07-11T00:00:00", "title": "CentOS 6 : 389-ds-base (CESA-2012:0997)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0997 and \n# CentOS Errata and Security Advisory 2012:0997 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59936);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2020/01/07\");\n\n script_cve_id(\"CVE-2012-2678\", \"CVE-2012-2746\");\n script_xref(name:\"RHSA\", value:\"2012:0997\");\n\n script_name(english:\"CentOS 6 : 389-ds-base (CESA-2012:0997)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated 389-ds-base packages that fix two security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nA flaw was found in the way 389 Directory Server handled password\nchanges. If an LDAP user has changed their password, and the directory\nserver has not been restarted since that change, an attacker able to\nbind to the directory server could obtain the plain text version of\nthat user's password via the 'unhashed#user#password' attribute.\n(CVE-2012-2678)\n\nIt was found that when the password for an LDAP user was changed, and\naudit logging was enabled (it is disabled by default), the new\npassword was written to the audit log in plain text form. This update\nintroduces a new configuration parameter,\n'nsslapd-auditlog-logging-hide-unhashed-pw', which when set to 'on'\n(the default option), prevents 389 Directory Server from writing plain\ntext passwords to the audit log. This option can be configured in\n'/etc/dirsrv/slapd-[ID]/dse.ldif'. (CVE-2012-2746)\n\nAll users of 389-ds-base are advised to upgrade to these updated\npackages, which resolve these issues. After installing this update,\nthe 389 server service will be restarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-July/018726.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2d63096e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 389-ds-base packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:S/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-2746\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:389-ds-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:389-ds-base-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:389-ds-base-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"389-ds-base-1.2.10.2-18.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"389-ds-base-devel-1.2.10.2-18.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"389-ds-base-libs-1.2.10.2-18.el6_3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"389-ds-base / 389-ds-base-devel / 389-ds-base-libs\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:N/AC:H/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2020-02-01T01:42:45", "bulletinFamily": "scanner", "description": "Updated redhat-ds-base packages that fix two security issues are now\navailable for Red Hat Directory Server 8.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nRed Hat Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nA flaw was found in the way Red Hat Directory Server handled password\nchanges. If an LDAP user had changed their password, and the directory\nserver had not been restarted since that change, an attacker able to\nbind to the directory server could obtain the plain text version of\nthat user", "modified": "2020-02-02T00:00:00", "id": "REDHAT-RHSA-2012-1041.NASL", "href": "https://www.tenable.com/plugins/nessus/78926", "published": "2014-11-08T00:00:00", "title": "RHEL 5 : redhat-ds-base (RHSA-2012:1041)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1041. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78926);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/10/24 15:35:35\");\n\n script_cve_id(\"CVE-2012-2678\", \"CVE-2012-2746\");\n script_bugtraq_id(54153);\n script_xref(name:\"RHSA\", value:\"2012:1041\");\n\n script_name(english:\"RHEL 5 : redhat-ds-base (RHSA-2012:1041)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated redhat-ds-base packages that fix two security issues are now\navailable for Red Hat Directory Server 8.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nRed Hat Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nA flaw was found in the way Red Hat Directory Server handled password\nchanges. If an LDAP user had changed their password, and the directory\nserver had not been restarted since that change, an attacker able to\nbind to the directory server could obtain the plain text version of\nthat user's password via the 'unhashed#user#password' attribute.\n(CVE-2012-2678)\n\nIt was found that when the password for an LDAP user was changed, and\naudit logging was enabled (it is disabled by default), the new\npassword was written to the audit log in plain text form. This update\nintroduces a new configuration parameter,\n'nsslapd-auditlog-logging-hide-unhashed-pw', which when set to 'on'\n(the default option), prevents Red Hat Directory Server from writing\nplain text passwords to the audit log. This option can be configured\nin '/etc/dirsrv/ slapd-[ID]/dse.ldif'. (CVE-2012-2746)\n\nAll users of Red Hat Directory Server 8 are advised to upgrade to\nthese updated packages, which resolve these issues. After installing\nthis update, the dirsrv service will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1041\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2678\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected redhat-ds-base and / or redhat-ds-base-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-ds-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-ds-base-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1041\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"redhat-ds-base-8.2.10-3.el5dsrv\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"redhat-ds-base-8.2.10-3.el5dsrv\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"redhat-ds-base-devel-8.2.10-3.el5dsrv\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"redhat-ds-base-devel-8.2.10-3.el5dsrv\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"redhat-ds-base / redhat-ds-base-devel\");\n }\n}\n", "cvss": {"score": 2.1, "vector": "AV:N/AC:H/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2020-02-01T02:06:54", "bulletinFamily": "scanner", "description": "The 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nA flaw was found in the way 389 Directory Server handled password\nchanges. If an LDAP user has changed their password, and the directory\nserver has not been restarted since that change, an attacker able to\nbind to the directory server could obtain the plain text version of\nthat user", "modified": "2020-02-02T00:00:00", "id": "SL_20120620_389_DS_BASE_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61334", "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : 389-ds-base on SL6.x i386/x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(61334);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/12/31 11:35:01\");\n\n script_cve_id(\"CVE-2012-2678\", \"CVE-2012-2746\");\n\n script_name(english:\"Scientific Linux Security Update : 389-ds-base on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nA flaw was found in the way 389 Directory Server handled password\nchanges. If an LDAP user has changed their password, and the directory\nserver has not been restarted since that change, an attacker able to\nbind to the directory server could obtain the plain text version of\nthat user's password via the 'unhashed#user#password' attribute.\n(CVE-2012-2678)\n\nIt was found that when the password for an LDAP user was changed, and\naudit logging was enabled (it is disabled by default), the new\npassword was written to the audit log in plain text form. This update\nintroduces a new configuration parameter,\n'nsslapd-auditlog-logging-hide-unhashed-pw', which when set to 'on'\n(the default option), prevents 389 Directory Server from writing plain\ntext passwords to the audit log. This option can be configured in\n'/etc/dirsrv/slapd-[ID]/dse.ldif'. (CVE-2012-2746)\n\nAll users of 389-ds-base are advised to upgrade to these updated\npackages, which resolve these issues. After installing this update,\nthe 389 server service will be restarted automatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1207&L=scientific-linux-errata&T=0&P=1257\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a62a5938\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:S/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"389-ds-base-1.2.10.2-18.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"389-ds-base-debuginfo-1.2.10.2-18.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"389-ds-base-devel-1.2.10.2-18.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"389-ds-base-libs-1.2.10.2-18.el6_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.1, "vector": "AV:N/AC:H/Au:S/C:P/I:N/A:N"}}], "centos": [{"lastseen": "2019-12-20T18:26:22", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2012:0997\n\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base packages\ninclude the Lightweight Directory Access Protocol (LDAP) server and\ncommand-line utilities for server administration.\n\nA flaw was found in the way 389 Directory Server handled password changes.\nIf an LDAP user has changed their password, and the directory server has\nnot been restarted since that change, an attacker able to bind to the\ndirectory server could obtain the plain text version of that user's\npassword via the \"unhashed#user#password\" attribute. (CVE-2012-2678)\n\nIt was found that when the password for an LDAP user was changed, and audit\nlogging was enabled (it is disabled by default), the new password was\nwritten to the audit log in plain text form. This update introduces a new\nconfiguration parameter, \"nsslapd-auditlog-logging-hide-unhashed-pw\", which\nwhen set to \"on\" (the default option), prevents 389 Directory Server from\nwriting plain text passwords to the audit log. This option can be\nconfigured in \"/etc/dirsrv/slapd-[ID]/dse.ldif\". (CVE-2012-2746)\n\nAll users of 389-ds-base are advised to upgrade to these updated packages,\nwhich resolve these issues. After installing this update, the 389 server\nservice will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-July/030764.html\n\n**Affected packages:**\n389-ds-base\n389-ds-base-devel\n389-ds-base-libs\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-0997.html", "modified": "2012-07-10T17:32:43", "published": "2012-07-10T17:32:43", "href": "http://lists.centos.org/pipermail/centos-announce/2012-July/030764.html", "id": "CESA-2012:0997", "title": "389 security update", "type": "centos", "cvss": {"score": 2.1, "vector": "AV:N/AC:H/Au:S/C:P/I:N/A:N"}}]}
