CVE-2005-3630

Published: Dec 31, 2005Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives.

Affected (1)

Products: Redhat: Fedora Core

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Fedora Core	Version 1.0

References (10)

http://directory.fedora.redhat.com/wiki/FDS10Announcement

Source: secalert@redhat.com

http://secunia.com/advisories/18939

Source: secalert@redhat.com

PatchVendor Advisory

http://www.securityfocus.com/bid/16729

Source: secalert@redhat.com

Patch

https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=121994

Source: secalert@redhat.com

Patch

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174837

Source: secalert@redhat.com

http://directory.fedora.redhat.com/wiki/FDS10Announcement

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/18939

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/16729

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=121994

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174837

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.