Information Exposure in Novell Identity Manager 3.6.1
CVE-2010-3264

Currently unrated

Key Information:

Vendor

Novell
Status
Identity Manager
Vendor
CVE Published:
8 September 2010

What is CVE-2010-3264?

In Novell Identity Manager version 3.6.1, the engine installer improperly stores administrative tree credentials in the /tmp/idmInstall.log file. This misconfiguration allows local users to access and read the log file, potentially exposing sensitive information related to administrative credentials, which could be exploited to gain unauthorized access to sensitive areas of the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.novell.com/support/viewContent.do?externalId=7...
x_refsource_CONFIRM
http://secunia.com/advisories/41194
third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/2226
vdb-entryx_refsource_VUPEN

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.