Bug 436107 (CVE-2008-0889) - CVE-2008-0889 directory server: insecure permissions on fedora/redhat-idm-console
Summary: CVE-2008-0889 directory server: insecure permissions on fedora/redhat-idm-con...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2008-0889
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 436101
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-03-05 13:39 UTC by Tomas Hoger
Modified: 2019-09-29 12:23 UTC (History)
8 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2008-04-02 17:21:34 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2008:0191 0 normal SHIPPED_LIVE Important: redhat-idm-console security update 2008-03-19 17:36:06 UTC

Description Tomas Hoger 2008-03-05 13:39:12 UTC 
Doncho N. Gunchev reported, that fedora-idm-console is installed with insecure
permissions by default, allowing any local user to modify this script.

This issue also affects redhat-idm-console as shipped with Red Hat Directory
Server 8.
Comment 5 Tomas Hoger 2008-03-19 17:31:45 UTC 
Lifting embargo.
Comment 6 Tomas Hoger 2008-03-19 17:32:48 UTC 
This issue only affected RPM packages of Red Hat Directory Server.  Other
platforms were not affected by this issue.
Comment 7 Rich Megginson 2008-04-02 17:09:57 UTC 
The new packages have been released, both for redhat-idm-console and
fedora-idm-console.  Can we close this bug?
Comment 8 Red Hat Product Security 2008-04-02 17:21:34 UTC 
This issue was addressed in:

Red Hat Directory Server:
  http://rhn.redhat.com/errata/RHSA-2008-0191.html
Note You need to log in before you can comment on or make changes to this bug.