Openldap: >> Openldap-Servers Security Vulnerabilities
/usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets weak permissions for the TLS certificate, which allows local users to obtain the TLS certificate by leveraging a race condition between the creation of the certificate, and the chmod to protect it.
CVSS Score
4.7
EPSS Score
0.0
Published
2017-07-17