CVE-2016-9575
First published: Tue Nov 15 2016(Updated: )
Due to a missing permission check, certprofile-mod can be used by an authenticated but unprivileged user to modify certificate profile configuration. This could allow the issuance of certificates with fraudulent subject naming information (allowing the holder of the private key to impersonate another entity), or inappropriate key usage or extended key usage information (use of certificate for unauthorised purposes e.g. code signing). Affected versions : 4.2 and above (all versions supporting certificate profiles) Upstream patch : <a href="https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=fec4c32ff15a96736740cf7d2f713a21af0b227e">https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=fec4c32ff15a96736740cf7d2f713a21af0b227e</a>
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/ipa | <4.3.3 | 4.3.3 |
| redhat/ipa | <4.4.3 | 4.4.3 |
| Freeipa Freeipa | =4.2.0 | |
| Freeipa Freeipa | =4.2.0-alpha1 | |
| Freeipa Freeipa | =4.2.1 | |
| Freeipa Freeipa | =4.2.2 | |
| Freeipa Freeipa | =4.2.3 | |
| Freeipa Freeipa | =4.2.4 | |
| Freeipa Freeipa | =4.3.0 | |
| Freeipa Freeipa | =4.3.1 | |
| Freeipa Freeipa | =4.3.2 | |
| Freeipa Freeipa | =4.4.0 | |
| Freeipa Freeipa | =4.4.1 | |
| Freeipa Freeipa | =4.4.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=fec4c32ff15a96736740cf7d2f713a21af0b227e
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1220871&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1220871&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1404718
- https://rhn.redhat.com/errata/RHSA-2017-0001.html
- https://www.freeipa.org/page/Releases/4.4.3
- https://www.freeipa.org/page/Releases/4.3.3
- https://bugzilla.redhat.com/show_bug.cgi?id=1395311
- http://rhn.redhat.com/errata/RHSA-2017-0001.html
- http://www.securityfocus.com/bid/95068
- collector/nvd-index
- agent/references
- agent/type
- agent/weakness
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-9575
- agent/software-canonical-lookup
- agent/severity
- agent/last-modified-date
- agent/author
- agent/event
- agent/tags
- agent/description
- vendor/freeipa
- canonical/freeipa freeipa
- version/freeipa freeipa/4.2.0
- version/freeipa freeipa/4.2.0-alpha1
- version/freeipa freeipa/4.2.1
- version/freeipa freeipa/4.2.2
- version/freeipa freeipa/4.2.3
- version/freeipa freeipa/4.2.4
- version/freeipa freeipa/4.3.0
- version/freeipa freeipa/4.3.1
- version/freeipa freeipa/4.3.2
- version/freeipa freeipa/4.4.0
- version/freeipa freeipa/4.4.1
- version/freeipa freeipa/4.4.2
- package-manager/redhat