CVE-2008-0893

Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, does not properly restrict access to CGI scripts, which allows remote attackers to perform administrative actions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 79%
VendorProductVersion
redhatdirectory_server
8.0:el4
redhatdirectory_server
8.0:el5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/29761
http://secunia.com/advisories/29826
http://www.redhat.com/support/errata/RHSA-2008-0201.html
http://www.securityfocus.com/bid/28802
http://www.securitytracker.com/id?1019857
https://bugzilla.redhat.com/show_bug.cgi?id=437320
https://exchange.xforce.ibmcloud.com/vulnerabilities/41843
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00380.html
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00386.html
http://secunia.com/advisories/29761
http://secunia.com/advisories/29826
http://www.redhat.com/support/errata/RHSA-2008-0201.html
http://www.securityfocus.com/bid/28802
http://www.securitytracker.com/id?1019857
https://bugzilla.redhat.com/show_bug.cgi?id=437320
https://exchange.xforce.ibmcloud.com/vulnerabilities/41843
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00380.html
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00386.html