Lucene search

[email protected]CVE-2008-0890

HistoryMar 12, 2008 - 12:44 a.m.

CVE-2008-0890

2008-03-1200:44:00

CWE-264

[email protected]

web.nvd.nist.gov

red hat

directory server

cve-2008-0890

insecure permissions

local users

arbitrary code

nvd

8 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Red Hat Directory Server 7.1 before SP4 uses insecure permissions for certain directories, which allows local users to modify JAR files and execute arbitrary code via unknown vectors.

CPENameOperatorVersion
redhat:directory_serverredhat directory serverle7.1

CPE	Name	Operator	Version
redhat:directory_server	redhat directory server	le	7.1

References

secunia.com/advisories/29350

www.redhat.com/support/errata/RHSA-2008-0173.html

www.securityfocus.com/bid/28204

www.securitytracker.com/id?1019577

exchange.xforce.ibmcloud.com/vulnerabilities/41152

8 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2008-0890

cvelist1 prion1