CVE-2007-5373
CVE-2007-5373 · LOW Severity
AV:L/AC:L/AU:N/C:P/I:N/A:N
ldapscripts 1.4 and 1.7 sends a password as a command line argument when calling some LDAP programs, which might allow local users to read the password by listing the process and its arguments, as demonstrated by a call to ldappasswd in the _changepassword function.
Learn more about our User Device Pen Test.