CVE-2005-3630
First published: Sat Dec 31 2005(Updated: )
Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Fedora Core | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2005-3630?
The severity of CVE-2005-3630 is considered moderate as it allows attackers to obtain sensitive information.
How do I fix CVE-2005-3630?
To fix CVE-2005-3630, update to a patched version of Fedora Directory Server that addresses this vulnerability.
Who is affected by CVE-2005-3630?
CVE-2005-3630 affects users of Fedora Directory Server before version 10.
What type of information can be leaked through CVE-2005-3630?
CVE-2005-3630 can potentially expose sensitive information such as passwords from adm.conf.
What configurations lead to CVE-2005-3630 exploitation?
The exploitation of CVE-2005-3630 likely involves an Apache httpd.conf configuration that improperly orders "allow" before "deny" directives.
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/remedy
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/redhat
- canonical/red hat fedora core
- version/red hat fedora core/1.0