|
 |
|
Red Hat update for redhat-ds-admin
|
|
|
|
|
Secunia Advisory:
|
SA29761
|
|
|
Release Date:
|
2008-04-16
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
Security Bypass
System access
|
|
Where:
|
From local network
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Red Hat Directory Server 8.x
|
| | CVE reference: | CVE-2008-0892 (Secunia mirror)
CVE-2008-0893 (Secunia mirror)
|
|
|
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS! |
|
|
Description:
Red Hat has issued an update for redhat-ds-admin. This fixes some vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to bypass certain security restrictions.
1) Certain input passed to the repl-monitor-cgi.pl CGI script is not properly sanitised before being used in a "system()" call, which can be exploited to inject and execute arbitrary shell commands.
Successful exploitation allows the execution of arbitrary commands with the privileges of the Administration Server (default "nobody"), but requires access to the "replication monitor" page.
2) Access to certain scripts is not properly restricted. This can be exploited to e.g. disclose information or perform certain restricted tasks.
Successful exploitation requires access to the Administration Server's port (default 9830/TCP).
NOTE: An unauthenticated attacker can exploit a combination of the two vulnerabilities to execute arbitrary commands with the privileges of the Administration Server.
Solution:
Updated packages are available via Red Hat Network.
Provided and/or discovered by:
Red Hat credits Richard Megginson.
Original Advisory:
http://rhn.redhat.com/errata/RHSA-2008-0201.html
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
2 Related Secunia Security Advisories
|
|
|
1. Red Hat Directory Server Regular Expression Handler Buffer Overflow
|
|
2. Red Hat Directory Server Insecure File Permissions
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
