Red Hat Local Security Checks : RedHat Security Advisory RHSA-2008:0860

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.62889

Kategorie: Red Hat Local Security Checks

Titel: RedHat Security Advisory RHSA-2008:0860

Zusammenfassung: NOSUMMARY

Beschreibung: Description:

The remote host is missing updates announced in
advisory RHSA-2008:0860.

Red Hat Enterprise IPA is an integrated solution to provide
centrally-managed Identity (machines, users, virtual machines, groups,
authentication credentials), Policy (configuration settings, access control
information) and Audit (events, logs, analysis) services.

A flaw was found in the Red Hat Enterprise IPA installation procedure. The
master Kerberos password was set up in the LDAP server in such a way that
it was possible to retrieve the password via an anonymous LDAP connection.
(CVE-2008-3274)

Note: the master Kerberos password is used to encrypt keys. This flaw does
not lead to individual keys being exposed.

Users of Red Hat IPA should upgrade to these updated packages and perform
the operations explained in the solution to resolve this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2008-0860.html
http://www.redhat.com/security/updates/classification/#important

Risk factor : Medium

CVSS Score:
5.0

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2008-3274
1020850
http://www.securitytracker.com/id?1020850
31111
http://www.securityfocus.com/bid/31111
31861
http://secunia.com/advisories/31861
FEDORA-2008-7987
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00733.html
FEDORA-2008-8003
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00743.html
RHSA-2008:0860
http://rhn.redhat.com/errata/RHSA-2008-0860.html
http://git.fedorahosted.org/git/freeipa.git/?p=freeipa.git%3Ba=commit%3Bh=9932887f2af38b9701efec27707648c026ec445c
http://www.freeipa.org/page/CVE-2008-3274
http://www.freeipa.org/page/Downloads
http://www.freeipa.org/page/News
https://bugzilla.redhat.com/show_bug.cgi?id=457835

Copyright Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.62889
Kategorie:	Red Hat Local Security Checks
Titel:	RedHat Security Advisory RHSA-2008:0860
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory RHSA-2008:0860. Red Hat Enterprise IPA is an integrated solution to provide centrally-managed Identity (machines, users, virtual machines, groups, authentication credentials), Policy (configuration settings, access control information) and Audit (events, logs, analysis) services. A flaw was found in the Red Hat Enterprise IPA installation procedure. The master Kerberos password was set up in the LDAP server in such a way that it was possible to retrieve the password via an anonymous LDAP connection. (CVE-2008-3274) Note: the master Kerberos password is used to encrypt keys. This flaw does not lead to individual keys being exposed. Users of Red Hat IPA should upgrade to these updated packages and perform the operations explained in the solution to resolve this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2008-0860.html http://www.redhat.com/security/updates/classification/#important Risk factor : Medium CVSS Score: 5.0
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3274 1020850 http://www.securitytracker.com/id?1020850 31111 http://www.securityfocus.com/bid/31111 31861 http://secunia.com/advisories/31861 FEDORA-2008-7987 https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00733.html FEDORA-2008-8003 https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00743.html RHSA-2008:0860 http://rhn.redhat.com/errata/RHSA-2008-0860.html http://git.fedorahosted.org/git/freeipa.git/?p=freeipa.git%3Ba=commit%3Bh=9932887f2af38b9701efec27707648c026ec445c http://www.freeipa.org/page/CVE-2008-3274 http://www.freeipa.org/page/Downloads http://www.freeipa.org/page/News https://bugzilla.redhat.com/show_bug.cgi?id=457835
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com