TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2016-5404

N/A

Beschreibung

The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission.

CVE Details

CVSS v3.1 BewertungN/A
Veroffentlicht9/7/2016
Zuletzt geandert4/12/2025
Quellenvd
Honeypot-Sichtungen0

Betroffene Produkte

fedoraproject:fedorafreeipa:freeipaoracle:linux

Schwachen (CWE)

CWE-284

Referenzen

http://rhn.redhat.com/errata/RHSA-2016-1797.html(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2016/08/17/9(secalert@redhat.com)
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html(secalert@redhat.com)
http://www.securityfocus.com/bid/92525(secalert@redhat.com)
https://fedorahosted.org/freeipa/ticket/6232(secalert@redhat.com)
https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=cf74584d0f772f3f5eccc1d30c001e4212a104fd(secalert@redhat.com)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3PZ2ZQTMGC2UBRNHXVVOY3PJDOBP4CP4/(secalert@redhat.com)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S5OROLKFSY5QRQS7NGBNDP5QMOBV3XMZ/(secalert@redhat.com)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VQDYWANTMDFZP3HTGSEOA2IONVUITYX5/(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2016-1797.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2016/08/17/9(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/92525(af854a3a-2127-422b-91ae-364da2661108)
https://fedorahosted.org/freeipa/ticket/6232(af854a3a-2127-422b-91ae-364da2661108)
https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=cf74584d0f772f3f5eccc1d30c001e4212a104fd(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3PZ2ZQTMGC2UBRNHXVVOY3PJDOBP4CP4/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S5OROLKFSY5QRQS7NGBNDP5QMOBV3XMZ/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VQDYWANTMDFZP3HTGSEOA2IONVUITYX5/(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.