IBM Tivoli Directory Server ldapinst.log DB2 Admin Password Disclosure

medium Nessus Plugin ID 47901

Synopsis

The remote installation of Tivoli Directory Server stores the login and password of the DB2 database in a plaintext log file.

Description

The remote installation of Tivoli Directory Server created a file called 'ldapinst.log' that contains the login and password of the IBM DB2 database used for this service.

An attacker who could get access to this file (or a backup of it) would be able to log into the DB2 database and modify its content or structure.

Solution

Apply the patch from IBM or delete the file.

See Also

http://www-01.ibm.com/support/docview.wss?uid=swg1IO12776

http://www-01.ibm.com/support/docview.wss?uid=swg24027450

Plugin Details

Severity: Medium

ID: 47901

File Name: tivoli_directory_svr_db2_passwd.nasl

Version: 1.11

Type: local

Agent: windows

Family: Windows

Published: 7/29/2010

Updated: 7/9/2019

Supported Sensors: Nessus Agent, Nessus

Risk Information

CVSS Score Rationale: Score from a more in-depth analysis done by Tenable

CVSS v2

Risk Factor: Low

Base Score: 3.8

Temporal Score: 3.1

Vector: CVSS2#AV:L/AC:H/Au:S/C:C/I:N/A:N

CVSS Score Source: manual

CVSS v3

Risk Factor: Medium

Base Score: 4.7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Vulnerability Information

CPE: cpe:/a:ibm:tivoli_directory_server

Required KB Items: SMB/name, SMB/login, SMB/password

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/28/2010

Vulnerability Publication Date: 7/28/2010

Reference Information

BID: 42015