directory server is vulnerable to information disclosure. Directory Server setup scripts created cache files, containing passwords for the Directory and Administration Server administrative accounts, with weak file permissions. A local user could use this flaw to obtain authentication credentials for the administrative accounts.
rhn.redhat.com/errata/RHSA-2010-0590.html
secunia.com/advisories/40811
www.osvdb.org/66962
www.redhat.com/docs/manuals/dir-server/8.2/rel-notes/html
www.redhat.com/security/updates/classification/#low
www.securitytracker.com/id?1024281
access.redhat.com/errata/RHSA-2010:0590
bugzilla.redhat.com/show_bug.cgi?id=608032