Bug 174837
Summary: | CVE-2005-3630 use of IFRAME exposes password from adm.conf for users | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Retired] 389 | Reporter: | Frank Reppin <frank> | ||||||
Component: | UI - General UI | Assignee: | Rich Megginson <rmeggins> | ||||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Viktor Ashirov <vashirov> | ||||||
Severity: | medium | Docs Contact: | |||||||
Priority: | medium | ||||||||
Version: | 1.0 | CC: | security-response-team | ||||||
Target Milestone: | --- | Keywords: | Security | ||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2015-12-07 16:46:48 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Bug Depends On: | |||||||||
Bug Blocks: | 152373, 240316 | ||||||||
Attachments: |
|
Description
Frank Reppin
2005-12-02 17:14:50 UTC
A patch file has been created to fix the flaw. See http://directory.fedora.redhat.com/wiki/FDS10Announcement for information about how to download the patch and how to apply it to the FDS 1.0 installation. Created attachment 121993 [details]
list of files for fix
Created attachment 121994 [details]
diffs for fix
Checking in adminserver/admserv/cfgstuff/admserv.conf; /cvs/dirsec/adminserver/admserv/cfgstuff/admserv.conf,v <-- admserv.conf new revision: 1.12; previous revision: 1.11 done Checking in adminserver/admserv/cfgstuff/httpd.conf; /cvs/dirsec/adminserver/admserv/cfgstuff/httpd.conf,v <-- httpd.conf new revision: 1.7; previous revision: 1.6 done Making public as wiki page contains a link to this bug. verified aginst: 1193765112 idm-console-framework-1.1.0-5.el5idm Tue Oct 30 2007 1193765112 redhat-idm-console-1.0.0-13.el5idm Tue Oct 30 2007 1194380792 tftp-0.42-3.1 Tue Nov 06 2007 1195006662 subversion-1.4.2-2.el5 Tue Nov 13 2007 1195169113 redhat-ds-base-8.0.0-11.el5dsrv Thu Nov 15 2007 1195169115 redhat-ds-admin-8.0.0-1.15.el5dsrv Thu Nov 15 2007 1195169117 redhat-ds-console-8.0.0-8.el5dsrv Thu Nov 15 2007 1195169118 redhat-admin-console-8.0.0-9.el5dsrv Thu Nov 15 2007 |