Ldapscripts: Security Vulnerabilities
ldapscripts 1.4 and 1.7 sends a password as a command line argument when calling some LDAP programs, which might allow local users to read the password by listing the process and its arguments, as demonstrated by a call to ldappasswd in the _changepassword function.
CVSS Score
2.1
EPSS Score
0.001
Published
2007-10-11