CVE-2008-5696

Published: Dec 19, 2008Modified: Apr 23, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations.

Affected (10)

Products: Novell: Netware

1 product

Configuration A

10 vulnerable

Vulnerable Software	Affected Versions
Novell Netware	Up to 6.5
Novell Netware	Version 6.5
Novell Netware	Version 6.5 sp1.1a
Novell Netware	Version 6.5 sp1.1b
Novell Netware	Version 6.5 sp1
Novell Netware	Version 6.5 sp2
Novell Netware	Version 6.5 sp3
Novell Netware	Version 6.5 sp4
Novell Netware	Version 6.5 sp5
Novell Netware	Version 6.5 sp6

Related CWEs

References (12)

http://secunia.com/advisories/32989

Source: cve@mitre.org

Vendor Advisory

http://www.novell.com/support/viewContent.do?externalId=7001907

Source: cve@mitre.org

http://www.securityfocus.com/bid/32657

Source: cve@mitre.org

http://www.securitytracker.com/id?1021350

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/3368

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/47104

Source: cve@mitre.org

http://secunia.com/advisories/32989

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.novell.com/support/viewContent.do?externalId=7001907

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/32657

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1021350

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2008/3368

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/47104

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.