
229 matches found

Debian CVE
added 2018/03/13 1:0 p.m. | 27 views

CVE-2016-9575

Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's permissions while modifying certificate profiles in IdM's certprofile-mod command. An authenticated, unprivileged attacker could use this flaw to modify profiles to issue certificates with arbitrary...

CVSS 6.5 | AI score 6.4 | EPSS 0.00272
Exploits: 0

CVE
added 2018/03/13 1:0 p.m. | 76 views

CVE-2016-9575

CVE-2016-9575 concerns an insufficient permission check in IPA’s certprofile-mod command. Affected products/versions include IPA 4.2.x, 4.3.x before 4.3.3, and 4.4.x before 4.4.3. An authenticated, unprivileged attacker could modify certificate profiles, enabling issuance of certificates with arb...

CVSS 6.5 | AI score 6.4 | EPSS 0.00272
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2018/03/13 1:0 p.m. | 22 views

CVE-2016-9575

Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's permissions while modifying certificate profiles in IdM's certprofile-mod command. An authenticated, unprivileged attacker could use this flaw to modify profiles to issue certificates with arbitrary...

AI score 6.5 | EPSS 0.00272
Exploits: 0 | References: 3

OpenVAS
added 2018/01/30 12:0 a.m. | 31 views

Microsoft PowerShell Core DoS And Security Feature Bypass Vulnerabilities - Linux

This host is missing an important security update for PowerShell Core according to Microsoft security update January 2018. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders...

CVSS 7.5 | AI score 8.1 | EPSS 0.34677
Exploits: 0 | References: 1

Microsoft CVE
added 2018/01/09 8:0 a.m. | 31 views

.NET Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists when Microsoft .NET Framework and .NET Core components do not completely validate certificates. An attacker could present a certificate that is marked invalid for a specific use, but the component uses it for that purpose. This action disregards the...

CVSS 7.5 | AI score 1.6 | EPSS 0.02026
Exploits: 0

Microsoft KB
added 2018/01/09 8:0 a.m. | 34 views

Description of the Security Only update for .NET Framework 4.5.2 for Windows Server 2012 (KB 4054171)

Description of the Security Only update for .NET Framework 4.5.2 for Windows Server 2012 (KB 4054171). Summary: This security update resolves a security feature bypass vulnerability that exists when Microsoft .NET Framework and .NET Core components do not...

CVSS 7.5 | AI score 8.1 | EPSS 0.34677
Exploits: 0

NVD
added 2017/10/06 3:29 p.m. | 14 views

CVE-2014-2903

CyaSSL does not check the key usage extension in leaf certificates, which allows remote attackers to spoof servers via a crafted server certificate not authorized for use in an SSL/TLS handshake...

CVSS 5.9 | AI score 5.6 | EPSS 0.00213
Exploits: 0 | References: 2

OSV
added 2017/10/06 3:29 p.m. | 2 views

DEBIAN-CVE-2014-2903

CyaSSL does not check the key usage extension in leaf certificates, which allows remote attackers to spoof servers via a crafted server certificate not authorized for use in an SSL/TLS handshake...

CVSS 5.9 | AI score 6.9 | EPSS 0.00213
Exploits: 0 | References: 1

CVE
added 2017/10/06 3:0 p.m. | 40 views

CVE-2014-2903

CVE-2014-2903 affects CyaSSL (WolfSSL) and related builds; the root cause is that key usage extension checking in leaf certificates is not performed, allowing a remote attacker to spoof a server with a certificate not authorized for SSL/TLS handshakes. The connected records corroborate the issue ...

CVSS 5.9 | AI score 5.6 | EPSS 0.00213
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2017/10/06 3:0 p.m. | 14 views

CVE-2014-2903

CyaSSL does not check the key usage extension in leaf certificates, which allows remote attackers to spoof servers via a crafted server certificate not authorized for use in an SSL/TLS handshake...

AI score 5.6 | EPSS 0.00213
Exploits: 0 | References: 2

Debian CVE
added 2017/10/06 3:0 p.m. | 19 views

CVE-2014-2903

CyaSSL does not check the key usage extension in leaf certificates, which allows remote attackers to spoof servers via a crafted server certificate not authorized for use in an SSL/TLS handshake...

CVSS 5.9 | AI score 5.8 | EPSS 0.00213
Exploits: 0

OSV
added 2017/09/01 9:29 p.m. | 0 views

UBUNTU-CVE-2017-12871

The aesEncrypt method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.x through 1.14.11 makes it easier for context-dependent attackers to bypass the encryption protection mechanism by leveraging use of the first 16 bytes of the secret key as the initialization vector (IV)...

CVSS 5.9 | AI score 6.2 | EPSS 0.0008
Exploits: 0 | References: 3

Microsoft CVE
added 2017/05/09 7:0 a.m. | 28 views

.NET Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists when Microsoft .NET Framework and .NET Core components do not completely validate certificates. An attacker could present a certificate that is marked invalid for a specific use, but the component uses it for that purpose. This action disregards the...

CVSS 7.5 | AI score 1.6 | EPSS 0.01092
Exploits: 0

Tenable Nessus
added 2017/05/01 12:0 a.m. | 33 views

EulerOS 2.0 SP1 : ipa (EulerOS-SA-2017-1013)

According to the versions of the ipa packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the default IdM password policies that lock out accounts after a certain number of failed login attempts were also applied t...

CVSS 7.5 | AI score 6.9 | EPSS 0.01175
Exploits: 0 | References: 3

CNVD
added 2017/04/17 12:0 a.m. | 3 views

Botan X509_Certificate::allowed_usage function design vulnerability

Botan is a cryptographic library written in C++11 and distributed under the Simplified BSD license. A design flaw in the Botan X509_Certificate::allowed_usage function can be exploited by an attacker to cause some impact on calls with more than one KeyUsage set in the enumeration value...

CVSS 7.5 | AI score 7.5 | EPSS 0.00185
Exploits: 0 | References: 1

Prion
added 2017/04/10 3:59 p.m. | 10 views

Design/Logic Flaw

The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one KeyUsage set in the enum value...

CVSS 5 | AI score 7.3 | EPSS 0.00185
Exploits: 0 | References: 1 | Affected Software: 1

OSV
added 2017/04/10 3:59 p.m. | 13 views

CVE-2016-6879

The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one KeyUsage set in the enum value...

CVSS 7.5 | AI score 7.1
Exploits: 0 | References: 1

RedHat Linux
added 2017/01/02 10:54 a.m. | 1 views

ipa: Insufficient permission check in certprofile-mod

It was found that IdM's certprofile-mod command did not properly check the user's permissions while modifying certificate profiles. An authenticated, unprivileged attacker could use this flaw to modify profiles to issue certificates with arbitrary naming or key usage information and subsequently...

CVSS 6.5 | AI score 6.7 | EPSS 0.00272
Exploits: 0 | References: 4

RedHat Linux
added 2017/01/02 10:54 a.m. | 54 views

Moderate: Red Hat Security Advisory: ipa security update

An update for ipa is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

CVSS 7.5 | AI score 6.8 | EPSS 0.01175
Exploits: 0 | References: 3

OpenVAS
added 2017/01/02 12:0 a.m. | 22 views

RedHat Update for ipa RHSA-2017:0001-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 6.9 | EPSS 0.01175
Exploits: 0 | References: 2