An updated adminutil package that fixes a security issue is now available
for Red Hat Directory Server 8.0.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Red Hat Directory Server is an LDAPv3-compliant server. The adminutil
packages is collection of function libraries used to administer directory
servers, usually in conjunction with the Administration Server.
The Directory Server Administration Express web interface incorrectly
parsed %-escaped user provided values. A remote attacker could use this
flaw to conduct cross-site scripting attacks against directory server
administrators using the Administration Express web interface.
(CVE-2008-2929)
All users of Red Hat Directory Server should upgrade to this updated
adminutil packages, which resolve this issue.
This update is available via Red Hat Network.
Users running Red Hat Directory Server 8 on Red Hat Enterprise Linux should
consult the following Knowledge Base article for instruction on how to
install updated RPM packages:
http://kbase.redhat.com/faq/FAQ_58_10188
Users running Red Hat Directory Server 8 on Solaris can download updated
Solaris packages in the PKG format form the Red Hat Directory Server 8.0
Solaris channel on the Red Hat Network. Those packages need to be
installed/upgraded using Solaris native package management tools.
See also Red Hat Directory Server 8.0 Installation Guide for installation
instructions:
http://www.redhat.com/docs/manuals/dir-server/install/8.0/
| Directory Server 8 EL4 |
|
| SRPMS: |
adminutil-1.1.7-3.el4dsrv.src.rpm
File outdated by: RHEA-2009:0455 |
cea73efe4942fa4e90755cca81b43c71 |
adminutil-1.1.7-3.el4dsrv.src.rpm
File outdated by: RHEA-2009:0455 |
cea73efe4942fa4e90755cca81b43c71 |
| |
| IA-32: |
adminutil-1.1.7-3.el4dsrv.i386.rpm
File outdated by: RHEA-2009:0455 |
febe5ea306f809dc6a3199d11e416d4b |
adminutil-1.1.7-3.el4dsrv.i386.rpm
File outdated by: RHEA-2009:0455 |
febe5ea306f809dc6a3199d11e416d4b |
adminutil-devel-1.1.7-3.el4dsrv.i386.rpm
File outdated by: RHEA-2009:0455 |
c907290c0561a77585f4e5375f786720 |
adminutil-devel-1.1.7-3.el4dsrv.i386.rpm
File outdated by: RHEA-2009:0455 |
c907290c0561a77585f4e5375f786720 |
| |
| x86_64: |
adminutil-1.1.7-3.el4dsrv.x86_64.rpm
File outdated by: RHEA-2009:0455 |
060a41614dd67a102225147cbe1e3f41 |
adminutil-1.1.7-3.el4dsrv.x86_64.rpm
File outdated by: RHEA-2009:0455 |
060a41614dd67a102225147cbe1e3f41 |
adminutil-devel-1.1.7-3.el4dsrv.x86_64.rpm
File outdated by: RHEA-2009:0455 |
abb0faeaa57cd8d778631bf4097ae65d |
adminutil-devel-1.1.7-3.el4dsrv.x86_64.rpm
File outdated by: RHEA-2009:0455 |
abb0faeaa57cd8d778631bf4097ae65d |
| |
| Directory Server 8 EL5 |
|
| SRPMS: |
adminutil-1.1.7-3.el5dsrv.src.rpm
File outdated by: RHEA-2009:0455 |
f8744c1785c1b75a6366c04de2e54ffd |
| |
| IA-32: |
adminutil-1.1.7-3.el5dsrv.i386.rpm
File outdated by: RHEA-2009:0455 |
98fccd740dbcf2bd5200b875b37a53d5 |
adminutil-devel-1.1.7-3.el5dsrv.i386.rpm
File outdated by: RHEA-2009:0455 |
3c93f10ac2c9750169bf6f89444ffcc1 |
| |
| x86_64: |
adminutil-1.1.7-3.el5dsrv.x86_64.rpm
File outdated by: RHEA-2009:0455 |
93d3919979eac357600cd49fc9cdad35 |
adminutil-devel-1.1.7-3.el5dsrv.x86_64.rpm
File outdated by: RHEA-2009:0455 |
1b693a99c0121a0be451c48b6f2d83d5 |
| |
(The unlinked packages above are only available from the Red Hat Network)
|
454621 - CVE-2008-2929 Directory Server: multiple XSS issues
Moderate: adminutil security update