TROYANOSYVIRUS
Retour aux CVEs

CVE-2016-5404

N/A

Description

The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission.

Details CVE

Score CVSS v3.1N/A
Publie9/7/2016
Derniere modification4/12/2025
Sourcenvd
Observations honeypot0

Produits affectes

fedoraproject:fedorafreeipa:freeipaoracle:linux

Faiblesses (CWE)

CWE-284

References

http://rhn.redhat.com/errata/RHSA-2016-1797.html(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2016/08/17/9(secalert@redhat.com)
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html(secalert@redhat.com)
http://www.securityfocus.com/bid/92525(secalert@redhat.com)
https://fedorahosted.org/freeipa/ticket/6232(secalert@redhat.com)
https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=cf74584d0f772f3f5eccc1d30c001e4212a104fd(secalert@redhat.com)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3PZ2ZQTMGC2UBRNHXVVOY3PJDOBP4CP4/(secalert@redhat.com)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S5OROLKFSY5QRQS7NGBNDP5QMOBV3XMZ/(secalert@redhat.com)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VQDYWANTMDFZP3HTGSEOA2IONVUITYX5/(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2016-1797.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2016/08/17/9(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/92525(af854a3a-2127-422b-91ae-364da2661108)
https://fedorahosted.org/freeipa/ticket/6232(af854a3a-2127-422b-91ae-364da2661108)
https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=cf74584d0f772f3f5eccc1d30c001e4212a104fd(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3PZ2ZQTMGC2UBRNHXVVOY3PJDOBP4CP4/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S5OROLKFSY5QRQS7NGBNDP5QMOBV3XMZ/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VQDYWANTMDFZP3HTGSEOA2IONVUITYX5/(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.