CVE-2008-5696

Published Dec 19, 2008

Last updated 7 years ago

Overview

Description: Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-255

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:novell:netware:*:sp7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "174FE537-D73F-4230-AED1-B9F1C4182C08",
            "versionEndIncluding": "6.5"
          },
          {
            "criteria": "cpe:2.3:o:novell:netware:6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D328A81E-DC60-4B67-B707-F0AD9A6F48E2"
          },
          {
            "criteria": "cpe:2.3:o:novell:netware:6.5:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CEB9CEA-9245-490F-88F6-EFD23B11A19B"
          },
          {
            "criteria": "cpe:2.3:o:novell:netware:6.5:sp1.1a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0669D0E2-AB83-44AE-A87C-C7EB7AA2953A"
          },
          {
            "criteria": "cpe:2.3:o:novell:netware:6.5:sp1.1b:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "062E2A9A-CF88-4844-B5A1-7418722087D9"
          },
          {
            "criteria": "cpe:2.3:o:novell:netware:6.5:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F8E031C-CE1F-410F-8F32-B3E33719C498"
          },
          {
            "criteria": "cpe:2.3:o:novell:netware:6.5:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87F80FDC-7851-4EA8-BC7D-87B85C6BB93C"
          },
          {
            "criteria": "cpe:2.3:o:novell:netware:6.5:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C3AB68F-1D78-4217-9C56-B1B25F62FF38"
          },
          {
            "criteria": "cpe:2.3:o:novell:netware:6.5:sp5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F7A41C8-4332-4F8C-A297-6850C05B3EB6"
          },
          {
            "criteria": "cpe:2.3:o:novell:netware:6.5:sp6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5DC7371E-6D35-4C9A-B688-E14391D9B953"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References