What is the severity of REDHAT-BUG-608032?

The severity of REDHAT-BUG-608032 is classified as moderate due to the potential exposure of sensitive configuration parameters.

How do I fix REDHAT-BUG-608032?

To fix REDHAT-BUG-608032, ensure that the configuration files created by setup-ds.pl and setup-ds-admin.pl are securely managed and not left in /tmp.

What vulnerabilities are associated with REDHAT-BUG-608032?

REDHAT-BUG-608032 is associated with the risk of unauthorized access to sensitive configuration data stored in temporary files.

Is REDHAT-BUG-608032 present in all versions of Red Hat 389 Directory Server?

While REDHAT-BUG-608032 affects the configuration scripts, specific version details should be consulted to determine if your version is impacted.

Can REDHAT-BUG-608032 lead to further security issues?

Yes, if exploited, REDHAT-BUG-608032 can lead to unauthorized access to the directory server, potentially compromising the entire system.

Vulnerability/
REDHAT-BUG-608032

low

25/6/2010

29/9/2019

REDHAT-BUG-608032

First published: Fri Jun 25 2010(Updated: )

setup-ds.pl and setup-ds-admin.pl scripts used to configure Red Hat / 389 Directory Server instances and administration server instances creates a cache file containing configuration parameters provided by administrator configuring directory server. The file is created in /tmp with random name as setupXXXXXX.inf. It contains information such as directory server instance name, user and group under with ns-slapd should run, network port directory and administration server should listen on, base DN and administrative user names and accounts. This file is created with permissions depending on current umask setting, which is 022 for root account by default, which results in file being created as world readable. Any local user can take advantage of the weak file permissions and obtain administrative account passwords, which give them full control over directory server instance. This file is removed at the end of the setup run which limits exposure, but it is not removed when setup is started with -k or --keepcache. For additional details and patch changing setup scripts to always create cache file with restricted permissions, see: <a class="bz_bug_link bz_secure " title="" href="show_bug.cgi?id=593392">https://bugzilla.redhat.com/show_bug.cgi?id=593392</a>

Affected Software	Affected Version	How to fix
389 Directory Server

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of REDHAT-BUG-608032?
The severity of REDHAT-BUG-608032 is classified as moderate due to the potential exposure of sensitive configuration parameters.
How do I fix REDHAT-BUG-608032?
To fix REDHAT-BUG-608032, ensure that the configuration files created by setup-ds.pl and setup-ds-admin.pl are securely managed and not left in /tmp.
What vulnerabilities are associated with REDHAT-BUG-608032?
REDHAT-BUG-608032 is associated with the risk of unauthorized access to sensitive configuration data stored in temporary files.
Is REDHAT-BUG-608032 present in all versions of Red Hat 389 Directory Server?
While REDHAT-BUG-608032 affects the configuration scripts, specific version details should be consulted to determine if your version is impacted.
Can REDHAT-BUG-608032 lead to further security issues?
Yes, if exploited, REDHAT-BUG-608032 can lead to unauthorized access to the directory server, potentially compromising the entire system.

agent/type
agent/first-publish-date
agent/last-modified-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2010-2241
agent/references
agent/severity
agent/description
agent/event
agent/trending
agent/source
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/red hat
canonical/389 directory server