REDHAT-BUG-437320
First published: Thu Mar 13 2008(Updated: )
Richard Megginson discovered that Admin Server as used by Red Hat Directory Server 8 and Fedora Directory Server does not properly restrict access to CGI scripts. This could allow unauthenticated user to get access to information or perform tasks that should be restricted to authenticated administrative users.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Directory Server | ||
| Red Hat 389 Directory Server |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of REDHAT-BUG-437320?
REDHAT-BUG-437320 has been classified as a security vulnerability that allows unauthorized access to restricted information.
How do I fix REDHAT-BUG-437320?
To fix REDHAT-BUG-437320, ensure that proper access controls are implemented for CGI scripts in the Admin Server.
Which software is affected by REDHAT-BUG-437320?
REDHAT-BUG-437320 affects Red Hat Directory Server 8 and Fedora Directory Server.
What are the potential risks of REDHAT-BUG-437320?
The risks of REDHAT-BUG-437320 include unauthorized access to sensitive information and the ability to perform administrative tasks by unauthenticated users.
Is there a workaround for REDHAT-BUG-437320?
A possible workaround for REDHAT-BUG-437320 is to temporarily restrict access to the Admin Server until a patch is applied.
- agent/references
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2008-0893
- agent/severity
- agent/event
- agent/description
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/red hat
- canonical/red hat directory server
- vendor/fedora
- canonical/red hat 389 directory server