Lucene search
HistoryMar 20, 2008 - 12:44 a.m.
CVE-2008-0889
red hat
directory server
8.0
security vulnerability
cve-2008-0889
nvd
arbitrary code execution
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
7.3 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Red Hat Directory Server 8.0, when running on Red Hat Enterprise Linux, uses insecure permissions for the redhat-idm-console script, which allows local users to execute arbitrary code by modifying the script.
Affected configurations
Node
redhatenterprise_linux
redhatdirectory_serverMatch8.0el4
ORredhatdirectory_serverMatch8.0el5
| CPE | Name | Operator | Version |
|---|---|---|---|
| redhat:directory_server | redhat directory server | eq | 8.0 |
Related
cvelist
cvelist
CVE-2008-0889
2008-03-20 00:00:00
redhat
redhat
(RHSA-2008:0191) Important: redhat-idm-console security update
2008-03-19 00:00:00
nvd
nvd
CVE-2008-0889
2008-03-20 00:44:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:22:08
prion
prion
Code injection
2008-03-20 00:44:00
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
7.3 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2008-0889