Rapid7 Vulnerability & Exploit Database

HP-UX: CVE-2008-2929: Running Netscape / Red Hat Directory Server, Remote Cross Site Scripting (XSS) or Remote Denial of Service (DoS)

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

HP-UX: CVE-2008-2929: Running Netscape / Red Hat Directory Server, Remote Cross Site Scripting (XSS) or Remote Denial of Service (DoS)

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

08/29/2008

Created

07/25/2018

Added

08/11/2017

Modified

09/12/2017

Description

Multiple cross-site scripting (XSS) vulnerabilities in the adminutil library in the Directory Server Administration Express and Directory Server Gateway (DSGW) web interface in Red Hat Directory Server 7.1 before SP7 and 8 EL4 and EL5, and Fedora Directory Server, allow remote attackers to inject arbitrary web script or HTML via input values that use % (percent) escaping.

Solution(s)

hpux-update-netscapedirsvr6-nds-adm
hpux-update-netscapedirsvr6-nds-base
hpux-update-netscapedirsvr6-nds-bsclnt
hpux-update-netscapedirsvr6-nds-bsjre
hpux-update-netscapedirsvr6-nds-nc
hpux-update-netscapedirsvr6-nds-nsperl
hpux-update-netscapedirsvr6-nds-perldap
hpux-update-netscapedirsvr6-nds-slapd
hpux-update-netscapedirsvr6-nds-slclnt
hpux-update-netscapedirsvr6-nds-svcore
hpux-update-netscapedirsvr7-nds-adm
hpux-update-netscapedirsvr7-nds-base
hpux-update-netscapedirsvr7-nds-bsclnt
hpux-update-netscapedirsvr7-nds-bsjre
hpux-update-netscapedirsvr7-nds-nc
hpux-update-netscapedirsvr7-nds-nsperl
hpux-update-netscapedirsvr7-nds-perldap
hpux-update-netscapedirsvr7-nds-run
hpux-update-netscapedirsvr7-nds-slapd
hpux-update-netscapedirsvr7-nds-slclnt
hpux-update-netscapedirsvr7-nds-svcore

References

https://attackerkb.com/topics/cve-2008-2929
30870
CVE - 2008-2929
OVAL5877
RHSA-2008:0596
RHSA-2008:0601
44737

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

HP-UX: CVE-2008-2929: Running Netscape / Red Hat Directory Server, Remote Cross Site Scripting (XSS) or Remote Denial of Service (DoS)

HP-UX: CVE-2008-2929: Running Netscape / Red Hat Directory Server, Remote Cross Site Scripting (XSS) or Remote Denial of Service (DoS)

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.