Vulnerability   
Search   
    Search 202850 CVE descriptions
and 87302 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.11758
Category:CGI abuses
Title:eLDAPo cleartext passwords
Summary:NOSUMMARY
Description:Description:

The remote host is hosting eLDAPo, a PHP-based CGI
suite designed to perform LDAP queries.

This application stores the passwords to the LDAP server
in clear text in its source file. An attacker could read
the source code of index.php and may use the information
contained to gain credentials on a third party server.


Solution : Upgrade to eLDAPo 1.18 or newer
Risk factor : Medium

Cross-Ref: BugTraq ID: 7535
CopyrightThis script is Copyright (C) 2003 Renaud Deraison

This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.