| VID |
210108 |
| Severity |
40 |
| Port |
9830 |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The RedHat / Fedora Directory Server Admin Service is vulnerable to an arbitrary command execution vulnerability. Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, could allow a remote attacker from within the local network to execute arbitrary commands on the system, caused by improper validation of user-supplied input passed to the replication monitor CGI script (repl-monitor-cgi.pl). A remote attacker with access to the "replication monitor" web page could exploit this vulnerability to execute arbitrary shell commands on the system with the privileges of the Administration Server (default "nobody"). Successful exploitation requires access to the Administration Server's port (default 9830/TCP).
* References:
http://rhn.redhat.com/errata/RHSA-2008-0199.html
http://rhn.redhat.com/errata/RHSA-2008-0201.html
http://www.securitytracker.com/id?1019856
http://www.securitytracker.com/id?1019857
http://secunia.com/advisories/29761
* Platforms Affected:
HP, HP-UX B.11.11
HP, HP-UX B.11.23
HP, HP-UX B.11.31
Red Hat, Directory Server, 7.1
Red Hat, Directory Server, 8, EL4
Red Hat, Directory Server, 8, EL5
Red Hat, Fedora_directory_server |
| Recommendation |
For Red Hat Linux:
Upgrade to an updated redhat-ds-admin package version, as listed in Red Hat Security Advisory RHSA-2008:0201-4 at https://rhn.redhat.com/errata/RHSA-2008-0201.html
For HP HP-UX:
Apply the appropriate patch for your system, as listed in HP Security Bulletin: HPSBUX02324 SSRT080034 rev.1 at http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01433676%20&jumpid=reg_R1002_USEN |
| Related URL |
CVE-2008-0892,CVE-2008-0893 (CVE) |
| Related URL |
28802 (SecurityFocus) |
| Related URL |
41840,41843 (ISS) |
|
