
624 matches found

Tenable Nessus
added 2020/11/19 12:0 a.m., 53 views

RHEL 7 : ipa (RHSA-2020:3936)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3936 advisory. Red Hat Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and...

6.9 CVSS, 7 AI score, 0.99019 EPSS
Exploits 16, References 49
Oracle linux
added 2020/11/10 12:0 a.m., 150 views

idm:DL1 and idm:client security, bug fix, and enhancement update

bind-dyndb-ldap 11.3-1 - New upstream release - Resolves: rhbz1845211 ipa 4.8.7-12.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.8.7-12 - Require selinux sub package in the proper version Related: RHBZ1868432 - SELinux: do not double-define nodet and pkitomcatcertt...

6.9 CVSS, 6.9 AI score, 0.99019 EPSS
Exploits 16
RedHat Linux
added 2020/11/04 1:39 a.m., 1 views

pki: Dogtag's python client does not validate certificates

A flaw was found in PKI, where the dogtag's pki.client.PKIConnection class disables the python-requests certificate validation. This flaw allows an attacker to intercept a connection between a FreeIPA client and a server, and execute an active Man-in-the-Middle attack. The highest threat from thi...

6.8 CVSS, 6.7 AI score, 0.01009 EPSS
Exploits 0, References 4
RedHat Linux
added 2020/11/04 1:31 a.m., 0 views

ipa: No password length restriction leads to denial of service

A flaw was found in IPA. When sending a very long password = 1,000,000 characters to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this vulnerability is to system availability...

5.4 CVSS, 6.3 AI score, 0.01055 EPSS
Exploits 0, References 4
Rockylinux
added 2020/11/03 12:25 p.m., 79 views

idm:DL1 and idm:client security, bug fix, and enhancement update

An update is available for python-jwcrypto, custodia, python-qrcode, python-yubico, python-kdcproxy, pyusb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Rocky...

6.9 CVSS, 7.9 AI score, 0.99019 EPSS
Exploits 16
Tenable Nessus
added 2020/10/28 12:0 a.m., 47 views

Amazon Linux 2 : ipa (ALAS-2020-1519)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1519 advisory. jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed...

6.9 CVSS, 6.5 AI score, 0.99019 EPSS
Exploits 17, References 21
Amazon
added 2020/10/27 12:0 a.m., 106 views

Medium: ipa

Issue Overview: jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. CVE-2015-9251 In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is...

6.9 CVSS, 6.8 AI score, 0.99019 EPSS
Exploits 17
Tenable Nessus
added 2020/10/21 12:0 a.m., 49 views

Scientific Linux Security Update : ipa on SL7.x x86_64 (20201001)

Security Fixes : - js-jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 - bootstrap: XSS in the data-target attribute CVE-2016-10735 - bootstrap: Cross-site Scripting XSS in the collapse data-parent attribute CVE-2018-14040 - bootstrap: Cross-site Scripting XSS in the...

6.9 CVSS, 7.3 AI score, 0.99019 EPSS
Exploits 16, References 11
Tenable Nessus
added 2020/10/20 12:0 a.m., 114 views

CentOS 7 : ipa (RHSA-2020:3936)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3936 advisory. - jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option,...

6.9 CVSS, 6.7 AI score, 0.99019 EPSS
Exploits 17, References 11
Oracle linux
added 2020/10/06 12:0 a.m., 130 views

ipa security, bug fix, and enhancement update

4.6.8-5.0.1 - Blank out header-logo.png product-name.png - Replace login-screen-logo.png Orabug: 20362818 4.6.8-5.el7 - Resolves: 1826659 IPA: Ldap authentication failure due to Kerberos principal expiration UTC timestamp - ipa-pwd-extop: use timegm instead of mktime to preserve timezone offset...

6.9 CVSS, 0.5 AI score, 0.99019 EPSS
Exploits 16
NCSC
added 2020/09/30 12:0 a.m., 2 views

Vulnerabilities fixed in Red Hat ipa

Vulnerabilities have been fixed in Red Hat ipa. The vulnerabilities allow an unauthenticated malicious person to execute arbitrary code on the victim's browser. To do this, the malicious party must trick the victim into following a rogue hyper-link to follow. In addition, the vulnerabilities enab...

6.9 CVSS, 7.5 AI score, 0.99019 EPSS
Exploits 13
OpenVAS
added 2020/09/29 12:0 a.m., 22 views

Huawei EulerOS: Security Advisory for ipa (EulerOS-SA-2020-2073)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.4 CVSS, 5.4 AI score, 0.01055 EPSS
Exploits 0, References 2
Tenable Nessus
added 2020/09/28 12:0 a.m., 25 views

EulerOS 2.0 SP3 : ipa (EulerOS-SA-2020-2073)

According to the version of the ipa packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password = 1,000,000 characters to the server, the password hashing...

5.4 CVSS, 7.1 AI score, 0.01055 EPSS
Exploits 0, References 2
OpenVAS
added 2020/09/04 12:0 a.m., 18 views

Huawei EulerOS: Security Advisory for ipa (EulerOS-SA-2020-1918)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.4 CVSS, 5.4 AI score, 0.01055 EPSS
Exploits 0, References 2
Tenable Nessus
added 2020/09/02 12:0 a.m., 25 views

EulerOS 2.0 SP5 : ipa (EulerOS-SA-2020-1918)

According to the version of the ipa packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password = 1,000,000 characters to the server, the password hashing...

5.4 CVSS, 7.1 AI score, 0.01055 EPSS
Exploits 0, References 2
NVD
added 2020/06/22 7:15 a.m., 20 views

CVE-2019-14047

While IPA driver processes route add rule IOCTL, there is no input validation of the rule ID prior to adding the rule to the IPA HW commit list in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...

7.8 CVSS, 0.00212 EPSS
Exploits 0, References 2
Prion
added 2020/06/22 7:15 a.m., 12 views

Input validation

While IPA driver processes route add rule IOCTL, there is no input validation of the rule ID prior to adding the rule to the IPA HW commit list in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...

7.2 CVSS, 7.7 AI score, 0.00212 EPSS
Exploits 0, References 2
Cvelist
added 2020/06/22 7:10 a.m., 28 views

CVE-2019-14047

While IPA driver processes route add rule IOCTL, there is no input validation of the rule ID prior to adding the rule to the IPA HW commit list in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...

7.7 AI score, 0.00212 EPSS
Exploits 0, References 1
CVE
added 2020/06/22 7:10 a.m., 49 views

CVE-2019-14047

CVE-2019-14047 affects Qualcomm/Snapdragon IPA driver: a lack of input validation for the rule ID when processing route add rule IOCTL can lead to a vulnerability in the IPA HW commit list across multiple Snapdragon platforms (APQ8053, APQ8096AU, MDM9607, MSM89xx, QCN7605, QCS605, SC8180X, SDA845...

7.8 CVSS, 7.6 AI score, 0.00212 EPSS
Exploits 0, References 2, Affected Software 1
Tenable Nessus
added 2020/06/17 12:0 a.m., 34 views

EulerOS 2.0 SP2 : ipa (EulerOS-SA-2020-1679)

According to the version of the ipa packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password = 1,000,000 characters to the server, the password hashing...

5.4 CVSS, 7.1 AI score, 0.01055 EPSS
Exploits 0, References 2