CVE-2012-2746

389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before
8.2.10-3), when the password of a LDAP user has been changed and audit
logging is enabled, saves the new password to the log in plain text, which
allows remote authenticated users to read the password.

Bugs

• <https://bugzilla.redhat.com/show_bug.cgi?id=833482&gt;
• <https://fedorahosted.org/389/ticket/365&gt;