[2/5] Red Hat Directory Server Insecure Directory Permissions

March 12th, 2008 by

[2/5] Red Hat Directory Server Insecure Directory Permissions

:A vulnerability has been reported in Red Hat Directory Server, which can be exploited by malicious, local users to gain escalated privileges.The vulnerability is caused due to insecure permissions being set for the "/opt/redhat-ds/java/jars" directory. This can be exploited by a malicious, local user to replace ".jar" archives and execute arbitrary code.The vulnerability is reported in version 7.1 prior to Service Pack 4.Solution:The vendor has fixed the vulnerability in Red Hat Directory Server 7.1 Service Pack 4, which is available via Red Hat Network.http://rhn.redhat.com/Provided and/or discovered by:Reported by the vendor.Original Advisory:http://rhn.redhat.com/errata/RHSA-2008-0173.html

Original post by manisha

[2/5] Red Hat Directory Server Insecure Directory Permissions

Related Articles:

[2/5] Panda Antivirus Insecure Default Directory Permissions

[2/5] VBA32 Antivirus Insecure Default Directory Permissions

[2/5] Red Hat Directory Server Insecure File Permissions

[2/5] IBM Tivoli Continuous Data Protection for Files Insecure Permissions

[2/5] xfsdump “xfs_fsr” Insecure Temporary Directory Creation

Posted in Advisories - Exploits | | [2/5] Red Hat Directory Server Insecure Directory Permissions

<< [2/5] Debian update for libnet-dns-perl | [3/5] HP-UX HP CIFS Server Multiple Vulnerabilities >>

Cybertrion Systems

[2/5] Red Hat Directory Server Insecure Directory Permissions

Categories

Archives:

Search:

Meta: