CyberSec.Space Logo
返回 CVE 浏览器

CVE-2008-2928

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0160%
EPSS Percentile17.39th
Published2008年8月29日
Last Modified2026年4月23日

Vulnerability Description

Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7.1 before SP7 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted Accept-Language HTTP header.

Affected Platforms (CPE)

📦
Redhat

Directory Server

= 7.1
📦
Redhat

Directory Server

= 7.1
📦
Redhat

Directory Server

= 7.1
📦
Redhat

Directory Server

= 7.1
📦
Redhat

Directory Server

= 7.1
📦
Redhat

Directory Server

= 7.1

References & Advisories

🔗 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01532861
🔗 http://secunia.com/advisories/31565
🔗 http://secunia.com/advisories/31702
🔗 http://secunia.com/advisories/31777
🔗 http://securitytracker.com/id?1020771
🔗 http://www.redhat.com/docs/manuals/dir-server/release-notes/7.1SP7/index.html
🔗 http://www.securityfocus.com/bid/30869
🔗 http://www.vupen.com/english/advisories/2008/2480

相关漏洞威胁

CVE-1999-095010.0

Buffer overflow in WFTPD FTP server allows remote attackers to gain root access via a series of MKD and CWD commands that create n...

CVE-2017-234310.0

The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to ...

CVE-1999-008010.0

Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin,...

CVE-2000-107610.0

Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, wh...