CVE-2008-2928

2008-08-2918:41:00

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

High

EPSS

0.594

Percentile

97.8%

JSON

Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7.1 before SP7 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted Accept-Language HTTP header.

Affected configurations

Nvd

Node

redhatdirectory_serverMatch7.1sp1

redhatdirectory_serverMatch7.1sp2

redhatdirectory_serverMatch7.1sp3

redhatdirectory_serverMatch7.1sp4

redhatdirectory_serverMatch7.1sp5

redhatdirectory_serverMatch7.1sp6

VendorProductVersionCPE
redhatdirectory_server7.1cpe:2.3:a:redhat:directory_server:7.1:sp1:*:*:*:*:*:*
redhatdirectory_server7.1cpe:2.3:a:redhat:directory_server:7.1:sp2:*:*:*:*:*:*
redhatdirectory_server7.1cpe:2.3:a:redhat:directory_server:7.1:sp3:*:*:*:*:*:*
redhatdirectory_server7.1cpe:2.3:a:redhat:directory_server:7.1:sp4:*:*:*:*:*:*
redhatdirectory_server7.1cpe:2.3:a:redhat:directory_server:7.1:sp5:*:*:*:*:*:*
redhatdirectory_server7.1cpe:2.3:a:redhat:directory_server:7.1:sp6:*:*:*:*:*:*

Vendor	Product	Version	CPE
redhat	directory_server	7.1	cpe:2.3:a:redhat:directory_server:7.1:sp1::::::
redhat	directory_server	7.1	cpe:2.3:a:redhat:directory_server:7.1:sp2::::::
redhat	directory_server	7.1	cpe:2.3:a:redhat:directory_server:7.1:sp3::::::
redhat	directory_server	7.1	cpe:2.3:a:redhat:directory_server:7.1:sp4::::::
redhat	directory_server	7.1	cpe:2.3:a:redhat:directory_server:7.1:sp5::::::
redhat	directory_server	7.1	cpe:2.3:a:redhat:directory_server:7.1:sp6::::::