[email protected]CVE-2008-0893

HistoryApr 16, 2008 - 6:05 p.m.

CVE-2008-0893

2008-04-1618:05:00

CWE-264

[email protected]

web.nvd.nist.gov

red hat

administration

server

remote access

cgi

security flaw

vulnerability

nvd

6.6 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

87.0%

JSON

Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, does not properly restrict access to CGI scripts, which allows remote attackers to perform administrative actions.

CPENameOperatorVersion
redhat:directory_serverredhat directory servereq8.0

CPE	Name	Operator	Version
redhat:directory_server	redhat directory server	eq	8.0

References

secunia.com/advisories/29761

secunia.com/advisories/29826

www.redhat.com/support/errata/RHSA-2008-0201.html

www.securityfocus.com/bid/28802

www.securitytracker.com/id?1019857

bugzilla.redhat.com/show_bug.cgi?id=437320

exchange.xforce.ibmcloud.com/vulnerabilities/41843

www.redhat.com/archives/fedora-package-announce/2008-April/msg00380.html

www.redhat.com/archives/fedora-package-announce/2008-April/msg00386.html

6.6 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

87.0%

JSON

Related for CVE-2008-0893

prion1 veracode1 cvelist1 redhat1 fedora2 openvas4 nessus3