FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-02 20:06:50 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
3a81017a-8154-11dc-9283-0016179b2dd5	ldapscripts -- Command Line User Credentials Disclosure Ganael Laplanche reports: Up to now, each ldap* command was called with the -w parameter, which allows to specify the bind password on the command line. Unfortunately, this could make the password appear to anybody performing a `ps` during the call. This is now avoided by using the -y parameter and a password file. Discovery 2007-10-09 Entry 2007-10-23 ldapscripts < 1.7.1 http://sourceforge.net/project/shownotes.php?group_id=156483&release_id=546600 http://secunia.com/advisories/27111 CVE-2007-5373

VuXML ID

Description

3a81017a-8154-11dc-9283-0016179b2dd5

ldapscripts -- Command Line User Credentials Disclosure

Ganael Laplanche reports:

Up to now, each ldap* command was called with the -w parameter, which allows to specify the bind password on the command line. Unfortunately, this could make the password appear to anybody performing a `ps` during the call. This is now avoided by using the -y parameter and a password file.

Discovery 2007-10-09
Entry 2007-10-23
ldapscripts

< 1.7.1

http://sourceforge.net/project/shownotes.php?group_id=156483&release_id=546600
http://secunia.com/advisories/27111
CVE-2007-5373