FreeIPA CVE-2012-4546 Certificate Revocation List Security Vulnerability
BID:58083
Info
FreeIPA CVE-2012-4546 Certificate Revocation List Security Vulnerability
| Bugtraq ID: | 58083 |
| Class: | Design Error |
| CVE: |
CVE-2012-4546 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 21 2013 12:00AM |
| Updated: | Apr 04 2013 06:17PM |
| Credit: | Petr Mensik |
| Vulnerable: |
Red Hat Enterprise Linux Workstation 6 Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux HPC Node 6 Red Hat Enterprise Linux Desktop 6 CentOS CentOS 6 |
| Not Vulnerable: | |
Discussion
FreeIPA CVE-2012-4546 Certificate Revocation List Security Vulnerability
FreeIPA is prone to a security vulnerability related to Certificate Revocation Lists.
Successful exploitation can result in inconsistencies with the Certificate Revocation List contents provided to clients from different Identity Management replicas.
FreeIPA 2.x and 3.x are vulnerable.
FreeIPA is prone to a security vulnerability related to Certificate Revocation Lists.
Successful exploitation can result in inconsistencies with the Certificate Revocation List contents provided to clients from different Identity Management replicas.
FreeIPA 2.x and 3.x are vulnerable.
Solution / Fix
FreeIPA CVE-2012-4546 Certificate Revocation List Security Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.