{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Novell Apache on Netware 2.0.48.","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Novell Netware 6.5 Support Pack 5 ;","product":{"name":"N/A","vendor":{"name":"Novell","scada":false}}},{"description":"Novell Netware 6.5 Support Pack 7 ;","product":{"name":"N/A","vendor":{"name":"Novell","scada":false}}},{"description":"Novell Netware 6.5 Support Pack 6 ;","product":{"name":"N/A","vendor":{"name":"Novell","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 permet \u00e0 une personne malintentionn\u00e9e d'acc\u00e9der, sans\nmot de passe, \u00e0 la console ApacheAdmin apr\u00e8s l'installation du serveur\nLinux OES2 sur Netware 6.5.\n\nG\u00e9n\u00e9ralement, ce probl\u00e8me survient lorsque le serveur Netware a \u00e9t\u00e9 mis\n\u00e0 jour \u00e0 partir d'une version pr\u00e9c\u00e9dente de Netware 6.5 (i.e. Support\nPack 2 \u00e0 7).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[],"links":[],"reference":"CERTA-2008-AVI-582","revisions":[{"description":"version initiale.","revision_date":"2008-12-08T00:00:00.000000"}],"risks":[{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"Une vuln\u00e9rabilit\u00e9 d\u00e9couverte dans Apache pour Novell Netware permet \u00e0\nune personne malintentionn\u00e9e de contourner la politique de s\u00e9curit\u00e9.\n","title":"Vuln\u00e9rabilit\u00e9 dans Apache pour Novell Netware","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Novell #7001907 du 04 d\u00e9cembre 2008","url":"http://www.novell.com/support/viewContent.do?externalId=7001907"}]}