TROYANOSYVIRUS
Volver a CVEs

CVE-2016-5404

N/A

Descripcion

The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission.

Detalles CVE

Puntuacion CVSS v3.1N/A
Publicado9/7/2016
Ultima modificacion4/12/2025
Fuentenvd
Avistamientos honeypot0

Productos afectados

fedoraproject:fedorafreeipa:freeipaoracle:linux

Debilidades (CWE)

CWE-284

Referencias

http://rhn.redhat.com/errata/RHSA-2016-1797.html(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2016/08/17/9(secalert@redhat.com)
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html(secalert@redhat.com)
http://www.securityfocus.com/bid/92525(secalert@redhat.com)
https://fedorahosted.org/freeipa/ticket/6232(secalert@redhat.com)
https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=cf74584d0f772f3f5eccc1d30c001e4212a104fd(secalert@redhat.com)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3PZ2ZQTMGC2UBRNHXVVOY3PJDOBP4CP4/(secalert@redhat.com)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S5OROLKFSY5QRQS7NGBNDP5QMOBV3XMZ/(secalert@redhat.com)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VQDYWANTMDFZP3HTGSEOA2IONVUITYX5/(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2016-1797.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2016/08/17/9(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/92525(af854a3a-2127-422b-91ae-364da2661108)
https://fedorahosted.org/freeipa/ticket/6232(af854a3a-2127-422b-91ae-364da2661108)
https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=cf74584d0f772f3f5eccc1d30c001e4212a104fd(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3PZ2ZQTMGC2UBRNHXVVOY3PJDOBP4CP4/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S5OROLKFSY5QRQS7NGBNDP5QMOBV3XMZ/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VQDYWANTMDFZP3HTGSEOA2IONVUITYX5/(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.