CVE-2008-0893
First published: Thu Mar 13 2008(Updated: )
Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, does not properly restrict access to CGI scripts, which allows remote attackers to perform administrative actions.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redhat Directory Server | =8.0-el5 | |
| Redhat Directory Server | =8.0-el4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=437320
- http://www.redhat.com/support/errata/RHSA-2008-0201.html
- http://secunia.com/advisories/29761
- http://www.securityfocus.com/bid/28802
- http://www.securitytracker.com/id?1019857
- https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00380.html
- https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00386.html
- http://secunia.com/advisories/29826
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41843
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=302493
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=302493&action=edit
- https://rhn.redhat.com/errata/RHSA-2008-0201.html
- collector/nvd-historical
- collector/nvd-index
- agent/softwarecombine
- agent/first-publish-date
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/remedy
- agent/references
- agent/author
- agent/last-modified-date
- agent/event
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2008-0893
- agent/tags
- agent/trending
- vendor/redhat
- canonical/redhat directory server
- version/redhat directory server/8.0-el5
- version/redhat directory server/8.0-el4