The remote host is missing an update for the
# SPDX-FileCopyrightText: 2016 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.871657");
script_version("2024-03-21T05:06:54+0000");
script_tag(name:"last_modification", value:"2024-03-21 05:06:54 +0000 (Thu, 21 Mar 2024)");
script_tag(name:"creation_date", value:"2016-09-07 10:08:46 +0530 (Wed, 07 Sep 2016)");
script_cve_id("CVE-2016-5404");
script_tag(name:"cvss_base", value:"4.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:N/I:N/A:P");
script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2019-12-27 16:08:00 +0000 (Fri, 27 Dec 2019)");
script_tag(name:"qod_type", value:"package");
script_name("RedHat Update for ipa RHSA-2016:1797-01");
script_tag(name:"summary", value:"The remote host is missing an update for the 'ipa'
package(s) announced via the referenced advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"Red Hat Identity Management (IdM) is a
centralized authentication, identity management, and authorization solution
for both traditional and cloud-based enterprise environments.
Security Fix(es):
* An insufficient permission check issue was found in the way IPA server
treats certificate revocation requests. An attacker logged in with the
'retrieve certificate' permission enabled could use this flaw to revoke
certificates, possibly triggering a denial of service attack.
(CVE-2016-5404)
This issue was discovered by Fraser Tweedale (Red Hat).");
script_tag(name:"affected", value:"ipa on Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Server (v. 7),
Red Hat Enterprise Linux Workstation (v. 6)");
script_tag(name:"solution", value:"Please Install the Updated Packages.");
script_xref(name:"RHSA", value:"2016:1797-01");
script_xref(name:"URL", value:"https://www.redhat.com/archives/rhsa-announce/2016-September/msg00000.html");
script_tag(name:"solution_type", value:"VendorFix");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2016 Greenbone AG");
script_family("Red Hat Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms", re:"ssh/login/release=RHENT_(7|6)");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release) exit(0);
res = "";
if(release == "RHENT_7")
{
if ((res = isrpmvuln(pkg:"ipa-admintools", rpm:"ipa-admintools~4.2.0~15.el7_2.19", rls:"RHENT_7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ipa-client", rpm:"ipa-client~4.2.0~15.el7_2.19", rls:"RHENT_7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ipa-debuginfo", rpm:"ipa-debuginfo~4.2.0~15.el7_2.19", rls:"RHENT_7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ipa-python", rpm:"ipa-python~4.2.0~15.el7_2.19", rls:"RHENT_7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ipa-server", rpm:"ipa-server~4.2.0~15.el7_2.19", rls:"RHENT_7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ipa-server-dns", rpm:"ipa-server-dns~4.2.0~15.el7_2.19", rls:"RHENT_7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ipa-server-trust-ad", rpm:"ipa-server-trust-ad~4.2.0~15.el7_2.19", rls:"RHENT_7")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
if(release == "RHENT_6")
{
if ((res = isrpmvuln(pkg:"ipa-admintools", rpm:"ipa-admintools~3.0.0~50.el6_8.2", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ipa-client", rpm:"ipa-client~3.0.0~50.el6_8.2", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ipa-debuginfo", rpm:"ipa-debuginfo~3.0.0~50.el6_8.2", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ipa-python", rpm:"ipa-python~3.0.0~50.el6_8.2", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ipa-server", rpm:"ipa-server~3.0.0~50.el6_8.2", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ipa-server-selinux", rpm:"ipa-server-selinux~3.0.0~50.el6_8.2", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ipa-server-trust-ad", rpm:"ipa-server-trust-ad~3.0.0~50.el6_8.2", rls:"RHENT_6")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}