Medium severity4.7NVD Advisory· Published Jul 17, 2017· Updated Jun 17, 2026
CVE-2016-4984
CVE-2016-4984
Description
/usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets weak permissions for the TLS certificate, which allows local users to obtain the TLS certificate by leveraging a race condition between the creation of the certificate, and the chmod to protect it.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- cpe:2.3:a:openldap:openldap-servers:*:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
1- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.