BSA-2017-442
21333
24 December 2018
29 September 2017
Closed
Low
2.7
N/A
CVE-2016-4984
Summary
Security Advisory ID : BSA-2017-442
Component : OpenLDAP
Revision : 3.0: Final
/usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets weak permissions for the TLS certificate, which allows local users to obtain the TLS certificate by leveraging a race condition between the creation of the certificate and the chmod to protect it.
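The create-then-chmod race described above, shown beside a creation pattern that leaves no window. This is an added illustration, not the contents of generate-server-cert.sh and not vendor code; the function names, file paths and sample contents are hypothetical.

```shell
#!/bin/sh
# Added illustration; not the contents of generate-server-cert.sh.
# All function and file names here are hypothetical.

# Print the octal permission bits of a file (GNU stat, then BSD stat).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Racy pattern: the file is created under the ambient umask and only
# tightened afterwards. Prints the mode that exists between the two
# steps, i.e. the state other local users can see inside the window.
create_then_chmod() {
    (
        umask 022                      # common default umask
        printf '%s\n' "$2" > "$1"      # file exists as 0644 from here...
        file_mode "$1"                 # ...this is the exposed state...
        chmod 600 "$1"                 # ...until this runs
    )
}

# Hardened pattern: restrict the umask before the file is created, and
# let noclobber fail the redirection if the path already exists.
create_private() {
    (
        umask 077
        set -C
        printf '%s\n' "$2" > "$1" || exit 1
        file_mode "$1"                 # 0600 from creation, no window
    )
}

# Audit helper: succeed only if group and other have no access at all.
is_private() {
    case "$(file_mode "$1")" in
        [0-7]00) return 0 ;;
        *)       return 1 ;;
    esac
}
```

The umask change is confined to a subshell, so the caller's umask is left as it was.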
Products Confirmed Not Vulnerable
No Brocade Fibre Channel technology products from Broadcom are currently known to be affected by this vulnerability.
Workaround
There are no workarounds that address this vulnerability.
Revision History
Version | Change | Date |
---|---|---|
1.0 | Initial Publication | September 29, 2017 |
2.0 | Updated to address ADX, vADX, & WC | October 13, 2017 |
3.0 | Updated for Brocade Fibre Channel only | December 24, 2018 |