Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Certificate System Security Vulnerabilities - January 2009

cve
cve

CVE-2008-2367

Red Hat Certificate System 7.2 uses world-readable permissions for password.conf and unspecified other configuration files, which allows local users to discover passwords by reading these files.

6.6AI Score

0.0004EPSS

2009-01-20 04:30 PM
27
cve
cve

CVE-2008-2368

Red Hat Certificate System 7.2 stores passwords in cleartext in the UserDirEnrollment log, the RA wizard installer log, and unspecified other debug log files, and uses weak permissions for these files, which allows local users to discover passwords by reading the files.

6.6AI Score

0.0004EPSS

2009-01-20 04:30 PM
26
cve
cve

CVE-2008-5082

The verifyProof function in the Token Processing System (TPS) component in Red Hat Certificate System (RHCS) 7.1 through 7.3 and Dogtag Certificate System 1.0 returns successfully even when token enrollment did not use the hardware key, which allows remote authenticated users with enrollment privil...

6.7AI Score

0.005EPSS

2009-01-30 07:30 PM
29