Fedora Directory Server prior to 10 allows remote malicious users to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat fedora core 1.0 |