CVE-2000-0516

Name of the Vulnerable Software and Affected Versions Shiva Access Manager version 5.0.0

Description The issue allows local users to compromise the LDAP server by storing the root DN (Distinguished Name) name and password in cleartext in a world-readable file when configured to store configuration information in an LDAP directory.

Recommendations For Shiva Access Manager version 5.0.0, consider restricting access to the configuration file that stores the root DN and password to prevent local users from reading the sensitive information. As a temporary workaround, limit the privileges of local users to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.