CVE-2008-0893

Sažetak

Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, does not properly restrict access to CGI scripts, which allows remote attackers to perform administrative actions.

Reference

http://secunia.com/advisories/29761
http://secunia.com/advisories/29826
http://www.redhat.com/support/errata/RHSA-2008-0201.html
http://www.securityfocus.com/bid/28802
http://www.securitytracker.com/id?1019857
https://bugzilla.redhat.com/show_bug.cgi?id=437320
https://exchange.xforce.ibmcloud.com/vulnerabilities/41843
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00380.html
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00386.html

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

08-08-2017 - 01:29

Objavljeno

16-04-2008 - 18:05