Lucene search

[email protected]CVE-2005-3630

HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-3630

2005-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

fedora

directory

server

cve

security

vulnerability

information

password

apache

configuration

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

65.8%

JSON

Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders “allow” directives before “deny” directives.

CPENameOperatorVersion
redhat:fedora_coreredhat fedora coreeq1.0

CPE	Name	Operator	Version
redhat:fedora_core	redhat fedora core	eq	1.0

References

directory.fedora.redhat.com/wiki/FDS10Announcement

secunia.com/advisories/18939

www.securityfocus.com/bid/16729

bugzilla.redhat.com/bugzilla/attachment.cgi?id=121994

bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174837

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

65.8%

JSON

Related for CVE-2005-3630

cvelist1 nessus1