Lucene search
HistoryDec 19, 2008 - 6:30 p.m.
CVE-2008-5696
cve-2008-5696
novell
netware
support pack 8
oes2 linux
nds
apacheadmin
console
remote attackers
apache http server
security vulnerability
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
6.9 Medium
AI Score
Confidence
Low
0.024 Low
EPSS
Percentile
90.1%
Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations.
Affected configurations
Node
novellnetwareRange≤6.5sp7
ORnovellnetwareMatch6.5
ORnovellnetwareMatch6.5sp1
ORnovellnetwareMatch6.5sp1.1a
ORnovellnetwareMatch6.5sp1.1b
ORnovellnetwareMatch6.5sp2
ORnovellnetwareMatch6.5sp3
ORnovellnetwareMatch6.5sp4
ORnovellnetwareMatch6.5sp5
ORnovellnetwareMatch6.5sp6
| CPE | Name | Operator | Version |
|---|---|---|---|
| novell:netware | novell netware | le | 6.5 |
Related
nvd
nvd
CVE-2008-5696
2008-12-19 18:30:00
prion
prion
Design/Logic Flaw
2008-12-19 18:30:00
cvelist
cvelist
CVE-2008-5696
2008-12-19 18:00:00
seebug
seebug
Novell Netware ApacheAdmin控制台空口令漏洞
2008-12-26 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
6.9 Medium
AI Score
Confidence
Low
0.024 Low
EPSS
Percentile
90.1%
Related for CVE-2008-5696