Weak Permissions for TLS Certificate in openldap-servers' generate-server-cert.sh Script
CVE-2016-4984 · LOW Severity
AV:L/AC:M/AU:N/C:P/I:N/A:N
/usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets weak permissions for the TLS certificate, which allows local users to obtain the TLS certificate by leveraging a race condition between the creation of the certificate, and the chmod to protect it.
Learn more about our Cis Benchmark Audit For Server Software.