Rocky Linux 9 : ipa (RLSA-2024:3754)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3754 advisory. freeipa: delegation rules allow a proxy service to impersonate any user to access another target service CVE-2024-2698 freeipa: user can obtain a hash o...
idm:DL1 security update
bind-dyndb-ldap custodia ipa 4.9.13-10.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.9.13-10 - kdb: apply combinatorial logic for ticket flags CVE-2024-3183 Resolves: RHEL-29927 - kdb: fix vulnerability in GCD rules handling CVE-2024-2698 Resolves: RHEL-29692...
Oracle Linux 9 : ipa (ELSA-2024-3754)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3754 advisory. - Resolves: RHEL-32231 CVE-2024-3183 ipa: freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force Tenable...
Important: Red Hat Security Advisory: ipa security update
An update for ipa is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...
freeipa: delegation rules allow a proxy service to impersonate any user to access another target service
A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos was missing a condition for granting the "forwardable" flag on S4U2Self tickets. Fixing this mistake required adding a special case for the check_allowed_to_delegate() function: If the target service...
RHEL 9 : ipa (RHSA-2024:3761)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3761 advisory. Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based...
ipa security update
4.6.8-5.0.1.el79.17 - Blank out header-logo.png product-name.png - Replace login-screen-logo.png Orabug: 20362818 4.6.8-5.el79.17 - Resolves: RHEL-29926 ipa: user can obtain a hash of the passwords of all domain users and perform offline brute force...
ipa security update
4.11.0-15.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 - Add bind to ipa-server-common Requires Orabug: 36518596 4.11.0-15 - Resolves: RHEL-32231 CVE-2024-3183 ipa: freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force -...
Oracle Linux 7 : ipa (ELSA-2024-3760)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3760 advisory. 4.6.8-5.0.1.el79.17 - Blank out header-logo.png product-name.png - Replace login-screen-logo.png Orabug: 20362818 4.6.8-5.el79.17 - Resolves: RHEL-29926 ipa: us...
RHEL 9 : ipa (RHSA-2024:3754)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3754 advisory. Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and...
RHEL 8 : ipa (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ipa: Session not terminated after logout (CVE-2019-14826) Note that Nessus has not tested for this issue but has...
RHEL 6 : ipa (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or...
RHEL 7 : ipa (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods (CVE-2020-11023) - jQue...
Oracle Linux 8 : idm:DL1 / and / idm:client (ELSA-2024-3267)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3267 advisory. bind-dyndb-ldap custodia ipa 4.9.13-9.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 9.4.13-9 - dcerpc: invalidate forest trust...
idm:DL1 and idm:client security update
bind-dyndb-ldap custodia ipa 4.9.13-9.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 9.4.13-9 - dcerpc: invalidate forest trust info cache when filtering out realm domains Resolves: RHEL-28559 - Backport latest test fixes in python3-tests ipatests: add xfail for...
RHEL 8 : ipa (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ipa: Session not terminated after logout (CVE-2019-14826) Note that Nessus has not tested for this issue but has...
RHEL 7 : ipa (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ipa: Session not terminated after logout (CVE-2019-14826) Note that Nessus has not tested for this issue but has...
RHEL 6 : ipa (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ipa: Denial of service in IPA server due to wrong use of berscanf (CVE-2019-14867) - FreeIPA uses a default...
ipa-healthcheck bug fix and enhancement update
An update is available for ipa-healthcheck. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky...
ipa bug fix update
An update is available for ipa. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized...