CVE-2008-0889

Published: Mar 20, 2008Modified: Apr 23, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

Red Hat Directory Server 8.0, when running on Red Hat Enterprise Linux, uses insecure permissions for the redhat-idm-console script, which allows local users to execute arbitrary code by modifying the script.

Affected (2)

Products: Redhat: Directory Server

Redhat

1 product

Directory Server

Configuration A

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Redhat Directory Server	Version 8.0 el4
Redhat Directory Server	Version 8.0 el5

Running on/with	Platform Versions
Redhat Enterprise Linux	All versions

Related CWEs

CWE-264

References (8)

http://secunia.com/advisories/29482

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2008-0191.html

Source: secalert@redhat.com

Patch

http://www.securityfocus.com/bid/28327

Source: secalert@redhat.com

http://www.securitytracker.com/id?1019677

Source: secalert@redhat.com

http://secunia.com/advisories/29482

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2008-0191.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.securityfocus.com/bid/28327

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1019677

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.