CVE-2008-2928

EPSS 23.55%
Veröffentlicht 29.08.2008 18:41:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7.1 before SP7 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted Accept-Language HTTP header.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 17

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Redhat ≫ Directory Server Version7.1 Updatesp1

Redhat ≫ Directory Server Version7.1 Updatesp2

Redhat ≫ Directory Server Version7.1 Updatesp3

Redhat ≫ Directory Server Version7.1 Updatesp4

Redhat ≫ Directory Server Version7.1 Updatesp5

Redhat ≫ Directory Server Version7.1 Updatesp6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	23.55%	0.955

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01532861

http://secunia.com/advisories/31565

http://secunia.com/advisories/31702

http://secunia.com/advisories/31777

http://securitytracker.com/id?1020771

http://www.redhat.com/docs/manuals/dir-server/release-notes/7.1SP7/index.html

http://www.securityfocus.com/bid/30869

Patch

http://www.vupen.com/english/advisories/2008/2480

https://bugzilla.redhat.com/show_bug.cgi?id=453916

https://exchange.xforce.ibmcloud.com/vulnerabilities/44738

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5865