Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score: 10.0
CVE Id: CVE-2008-2928
Last Modified: 07 Mar 2011 10:09:57
Published: 29 Aug 2008 02:41:00
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE

CVE-2008-2928

Summary

Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7.1 before SP7 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted Accept-Language HTTP header.

Vulnerable Systems

Application

  • Red Hat Directory Server 7.1


References

REDHAT - RHSA-2008:0596

BID - 30869

FEDORA - FEDORA-2008-7339

FEDORA - FEDORA-2008-7642

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=453916

XF - rhds-acceptlanguage-bo(44738)

VUPEN - ADV-2008-2480

CONFIRM - http://www.redhat.com/docs/manuals/dir-server/release-notes/7.1SP7/index.html

SECTRACK - 1020771

SECUNIA - 31777

SECUNIA - 31702

SECUNIA - 31565

HP - HPSBUX02354

HP - SSRT080113


Last Updated: 27 May 2016 10:49:54