Lucene search

[email protected]NVD:CVE-2008-2932

HistorySep 12, 2008 - 4:56 p.m.

CVE-2008-2932

2008-09-1216:56:20

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

High

EPSS

0.084

Percentile

94.4%

JSON

Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via % (percent) encoded HTTP input to unspecified CGI scripts in Fedora Directory Server. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-2929.

Affected configurations

Nvd

Node

redhatadminutilMatch1.1.6

VendorProductVersionCPE
redhatadminutil1.1.6cpe:2.3:a:redhat:adminutil:1.1.6:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
redhat	adminutil	1.1.6	cpe:2.3:a:redhat:adminutil:1.1.6:::::::*

References

secunia.com/advisories/31777

www.securityfocus.com/bid/31106

bugzilla.redhat.com/show_bug.cgi?id=454662

exchange.xforce.ibmcloud.com/vulnerabilities/45203

www.redhat.com/archives/fedora-package-announce/2008-September/msg00218.html

www.redhat.com/archives/fedora-package-announce/2008-September/msg00449.html

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.3

Confidence

High

EPSS

0.084

Percentile

94.4%

JSON

Related for NVD:CVE-2008-2932

prion2 cve2 cvelist2 openvas6 fedora2 nessus2 securityvulns2 seebug2 veracode1 nvd1 redhat1