PT-2008-6748 · Novell+1 · Oes2 Linux+2

Published

2008-12-19

Updated

2017-08-08

CVE-2008-5696

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Novell NetWare versions 6.5 before Support Pack 8

Description The issue allows remote attackers to reconfigure the Apache HTTP Server via console operations because no password is required for the ApacheAdmin console when an OES2 Linux server is installed into the NDS tree.

Recommendations For Novell NetWare versions 6.5 before Support Pack 8, apply Support Pack 8 to address the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2008-5696

Affected Products

Apache Http Server

Novell Netware

Oes2 Linux

PT-2008-6748 · Novell+1 · Oes2 Linux+2

CVE-2008-5696

Weakness Enumeration

Related Identifiers

Affected Products

References · 7