cpe:/a:redhat:directory_server:7.1:sp1 cpe:/a:redhat:directory_server:7.1:sp2 cpe:/a:redhat:directory_server:7.1:sp3 cpe:/a:redhat:directory_server:7.1:sp4 cpe:/a:redhat:directory_server:7.1:sp5 cpe:/a:redhat:directory_server:7.1:sp6 CVE-2008-2928 2008-08-29T14:41:00.000-04:00 2017-09-28T21:31:25.067-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-09-01T22:49:00.000-04:00 SECTRACK 1020771 BID 30869 SECUNIA 31565 SECUNIA 31702 SECUNIA 31777 VUPEN ADV-2008-2480 FEDORA FEDORA-2008-7339 FEDORA FEDORA-2008-7642 HP HPSBUX02354 IAVM IAVM:2008-T-0049 REDHAT RHSA-2008:0596 HP SSRT080113 CONFIRM http://www.redhat.com/docs/manuals/dir-server/release-notes/7.1SP7/index.html CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=453916 XF rhds-acceptlanguage-bo(44738) Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7.1 before SP7 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted Accept-Language HTTP header.