Lucene search
Redhat.comRH:CVE-2008-1475HistoryOct 04, 2019 - 10:02 p.m.
CVE-2008-1475
2019-10-0422:02:05
redhat.com
access.redhat.com
8
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
AI Score
6.7
Confidence
Low
EPSS
0.01
Percentile
83.8%
The xml-rpc server in Roundup 1.4.4 does not check property permissions, which allows attackers to bypass restrictions and edit or read restricted properties via the (1) list, (2) display, and (3) set methods.
Related
nessus
nessus
Fedora 8 : roundup-1.4.6-1.fc8 (2008-9712)
2008-11-21 00:00:00
Fedora 9 : roundup-1.4.6-1.fc9 (2008-9734)
2008-11-21 00:00:00
GLSA-200805-21 : Roundup: Permission bypass
2008-05-28 00:00:00
osv
osv
PYSEC-2008-10
2008-03-24 22:44:00
Roundup xml-rpc server improper check of property permissions
2022-05-01 23:40:33
github
github
Roundup xml-rpc server improper check of property permissions
2022-05-01 23:40:33
fedora
fedora
[SECURITY] Fedora 8 Update: roundup-1.4.6-1.fc8
2008-11-19 14:48:40
[SECURITY] Fedora 9 Update: roundup-1.4.6-1.fc9
2008-11-19 14:51:49
cvelist
cvelist
CVE-2008-1475
2008-03-24 22:00:00
cve
cve
CVE-2008-1475
2008-03-24 22:44:00
prion
prion
Design/Logic Flaw
2008-03-24 22:44:00
ubuntucve
ubuntucve
CVE-2008-1475
2008-03-24 00:00:00
nvd
nvd
CVE-2008-1475
2008-03-24 22:44:00
openvas
openvas
Fedora Update for roundup FEDORA-2008-9734
2009-02-17 00:00:00
Fedora Update for roundup FEDORA-2008-9712
2009-02-17 00:00:00
Fedora Update for roundup FEDORA-2008-9734
2009-02-17 00:00:00
veracode
veracode
Authorization Bypass
2024-04-30 11:35:35
gentoo
gentoo
Roundup: Permission bypass
2008-05-27 00:00:00
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
AI Score
6.7
Confidence
Low
EPSS
0.01
Percentile
83.8%
Related for RH:CVE-2008-1475