CVE-2005-3630 — Redhat Fedora Core vulnerability

4 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

0.5%

top 34.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Fedora Core

Timeline

PublishedDec 31

Latest updateMay 1

Description

Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDredhat/fedora_core1.0

Patches

Patch: secunia.com ↗Patch: www.securityfocus.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-5q24-6jhj-mv45: Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm↗2022-05-01

▶

CVEList

CVE-2005-3630: Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm↗2006-02-24

▶

💬Community

Bugzilla

CVE-2005-3630 use of IFRAME exposes password from adm.conf for users↗2005-12-02

▶