CVE-2014-8112
Publication date 10 March 2015
Last updated 24 July 2024
Ubuntu priority
389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog.
Status
Package | Ubuntu Release | Status |
---|---|---|
389-ds-base | ||
18.04 LTS bionic |
Not affected
|
|
16.04 LTS xenial |
Not affected
|
|
14.04 LTS trusty | Not in release | |
Notes
Patch details
Package | Patch details |
---|---|
389-ds-base |