Red Hat Certificate System Certificate Revocation List Bypass Weakness
BID:26377
Info
Red Hat Certificate System Certificate Revocation List Bypass Weakness
| Bugtraq ID: | 26377 |
| Class: | Design Error |
| CVE: |
CVE-2007-4994 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 08 2007 12:00AM |
| Updated: | Jul 21 2008 10:58PM |
| Credit: | The vendor disclosed this issue. |
| Vulnerable: |
Redhat Certificate Server 7.3 Redhat Certificate Server 7.2 |
| Not Vulnerable: | |
Discussion
Red Hat Certificate System Certificate Revocation List Bypass Weakness
Red Hat Certificate System is prone to a weakness that may allow users with certain revoked certificates to bypass the Certificate Revocation List (CRL).
The issue affects Red Hat Certificate System 7.2.
Red Hat Certificate System is prone to a weakness that may allow users with certain revoked certificates to bypass the Certificate Revocation List (CRL).
The issue affects Red Hat Certificate System 7.2.
Exploit / POC
Red Hat Certificate System Certificate Revocation List Bypass Weakness
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Red Hat Certificate System Certificate Revocation List Bypass Weakness
Solution:
The vendor has released an advisory and fixes to address this issue. Please see the references for more information.
Solution:
The vendor has released an advisory and fixes to address this issue. Please see the references for more information.
References
Red Hat Certificate System Certificate Revocation List Bypass Weakness
References:
References: