Vulnonym.org

CVE-2008-0893 - No fault Gentoo Penguin

Description

Red Hat Administration Server as used by Red Hat Directory Server 8.0 EL4 and EL5 does not properly restrict access to CGI scripts which allows remote attackers to perform administrative actions.

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=437320 http://www.redhat.com/support/errata/RHSA-2008-0201.html http://secunia.com/advisories/29761 http://www.securityfocus.com/bid/28802 http://www.securitytracker.com/id?1019857 https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00380.html https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00386.html http://secunia.com/advisories/29826 https://exchange.xforce.ibmcloud.com/vulnerabilities/41843