Unrated severityNVD Advisory· Published Jul 3, 2012· Updated Apr 29, 2026
CVE-2012-2678
CVE-2012-2678
Description
389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#password attribute.
Affected products
42cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*+ 37 more
- cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*range: <=1.2.11.5
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.3:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.4:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.7:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.10:alpha8:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.10:rc1:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc1:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc2:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc3:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc4:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a2:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a3:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a4:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc1:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc2:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc3:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc6:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc7:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.7.5:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.7:alpha3:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha1:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha2:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha3:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:rc1:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:rc2:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.9.9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:directory_server:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:redhat:directory_server:*:*:*:*:*:*:*:*range: <=8.2
- cpe:2.3:a:redhat:directory_server:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:directory_server:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:directory_server:8.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- rhn.redhat.com/errata/RHSA-2012-0997.htmlnvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2012-1041.htmlnvdVendor Advisory
- secunia.com/advisories/49734nvdVendor Advisory
- directory.fedoraproject.org/wiki/Release_Notesnvd
- osvdb.org/83336nvd
- www.securityfocus.com/bid/54153nvd
- h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplaynvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19353nvd
News mentions
0No linked articles in our index yet.