PT-2008-2506 · Red Hat+1 · Red Hat Directory Server+1

Richard Megginson

Published

2008-04-16

Updated

2022-02-03

CVE-2008-0892

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Red Hat Directory Server versions 8.0 EL4 and EL5

Description The issue concerns the replication monitor CGI script, specifically the repl-monitor-cgi.pl script, which allows remote attackers to execute arbitrary commands.

Recommendations For Red Hat Directory Server versions 8.0 EL4 and EL5, consider disabling the repl-monitor-cgi.pl script as a temporary workaround until a patch is available. Restrict access to the replication monitor CGI script to minimize the risk of exploitation.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2008-0892

HPSBUX02324

RHSA-2008:0199

RHSA-2008:0201

Affected Products

Hp-Ux

Red Hat Directory Server

PT-2008-2506 · Red Hat+1 · Red Hat Directory Server+1

CVE-2008-0892

Weakness Enumeration

Related Identifiers

Affected Products

References · 16