The post-installation script for ntlmaps before 0.9.9 sets world-readable permissions for the configuration file, which allows local users to obtain the username and password.
References
Link | Resource |
---|---|
http://www.debian.org/security/2005/dsa-830 | Patch Vendor Advisory |
http://secunia.com/advisories/17017 | |
http://www.securityfocus.com/bid/16700 |
Configurations
Information
Published : 2005-09-30 11:05
Updated : 2008-09-05 13:53
NVD link : CVE-2005-2962
Mitre link : CVE-2005-2962
JSON object : View
CWE
Products Affected
ntlmaps
- ntlmaps