CVE-2008-0893 Information

Description

Red Hat Administration Server as used by Red Hat Directory Server 8.0 EL4 and EL5 does not properly restrict access to CGI scripts which allows remote attackers to perform administrative actions.

Reference

http://secunia.com/advisories/29761 http://secunia.com/advisories/29826 http://www.redhat.com/support/errata/RHSA-2008-0201.html http://www.securityfocus.com/bid/28802 http://www.securitytracker.com/id?1019857 https://bugzilla.redhat.com/show_bug.cgi?id=437320 https://exchange.xforce.ibmcloud.com/vulnerabilities/41843 https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00380.html https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00386.html