|
Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:052: kolab-server Vulnerability Scan
Vulnerability Scan Summary Check for the version of the kolab-server package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:052 (kolab-server).
Luca Villani reported the disclosure of critical configuration information
within Kolab, the KDE Groupware server. The affected versions store OpenLDAP
passwords in plain text. The heart of Kolab is an engine written in Perl that
rewrites configuration for certain applications based on templates. The build()
function in the engine left slapd.conf world-readable exhibiting the OpenLDAP
root password.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:052
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|