CVE-2010-2241

Name of the Vulnerable Software and Affected Versions Red Hat Directory Server versions prior to 8.2

Description The setup scripts for Red Hat Directory Server use world-readable permissions when creating cache files, allowing local users to obtain sensitive information, including passwords for administrative accounts.

Recommendations For versions prior to 8.2, update to version 8.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the cache files created by the setup-ds.pl and setup-ds-admin.pl scripts to minimize the risk of exploitation.