Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2012-2746

EPSS 0.51% · P66
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2012-2746

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), when the password of a LDAP user has been changed and audit logging is enabled, saves the new password to the log in plain text, which allows remote authenticated users to read the password.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
389 Directory Server 多个信息泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Red Hat 389 Directory Server(前称Fedora Directory Server)是美国红帽(Red Hat)公司的一款企业级的Linux目录服务器。该服务器完全支持LDAPv3规范,具有可扩展、多主复制等特点。 389 Directory Server 1.2.11.6之前版本(Red Hat Directory Server 8.2.10-3之前版本)中存在漏洞,该漏洞源于LDAP用户更改密码时,新的密码会以明文方式写入到审计日志中。攻击者可利用该漏洞泄露敏感信息及用户密码
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2012-2746

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2012-2746

登录查看更多情报信息。

Same Patch Batch · n/a · 2012-07-03 · 45 CVEs total

CVE-2011-2485Pidgin 'gdk_pixbuf__gif_image_load()'函数拒绝服务漏洞
CVE-2011-4127Linux kernel 权限许可和访问控制问题漏洞
CVE-2011-4086Linux Kernel ‘journal_unmap_buffer()’ 函数本地拒绝服务漏洞
CVE-2012-0045Linux Kernel KVM ‘em_syscall’函数拒绝服务漏洞
CVE-2012-2100Linux kernel 数字错误漏洞
CVE-2012-2133Linux kernel 资源管理错误漏洞
CVE-2012-2678389 Directory Server 多个信息泄露漏洞
CVE-2012-3366Bcfg2 ‘Trigger’插件远程命令注入漏洞
CVE-2012-2314Anaconda ‘bootloader’ 模块不安全文件权限安全漏洞
CVE-2012-1106Automatic Bug Reporting Tool 权限许可和访问控制漏洞
CVE-2011-2716BusyBox udhcpc远程代码执行漏洞
CVE-2012-3811Avaya IP Office Customer Call Reporter ‘ImageUpload.ashx’远程代码执行漏洞
CVE-2012-2748Joomla! 未明安全漏洞
CVE-2012-2747Joomla! 信息泄露漏洞和安全绕过漏洞
CVE-2012-2318Pidgin MSN 拒绝服务漏洞
CVE-2012-2214Pidgin两个拒绝服务漏洞
CVE-2012-1148Expat library内存泄露漏洞
CVE-2012-1147Expat library多个拒绝服务漏洞
CVE-2012-0876Expat library多个拒绝服务漏洞
CVE-2011-4029X.Org xserver ‘LockServer’函数竞争条件漏洞

Showing top 20 of 45 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2012-2746

No comments yet

Leave a comment