Red Hat Local Security Checks : RedHat Security Advisory RHSA-2008:0860

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.62889

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2008:0860

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2008:0860.

Red Hat Enterprise IPA is an integrated solution to provide
centrally-managed Identity (machines, users, virtual machines, groups,
authentication credentials), Policy (configuration settings, access control
information) and Audit (events, logs, analysis) services.

A flaw was found in the Red Hat Enterprise IPA installation procedure. The
master Kerberos password was set up in the LDAP server in such a way that
it was possible to retrieve the password via an anonymous LDAP connection.
(CVE-2008-3274)

Note: the master Kerberos password is used to encrypt keys. This flaw does
not lead to individual keys being exposed.

Users of Red Hat IPA should upgrade to these updated packages and perform
the operations explained in the solution to resolve this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2008-0860.html
http://www.redhat.com/security/updates/classification/#important

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-3274
1020850
http://www.securitytracker.com/id?1020850
31111
http://www.securityfocus.com/bid/31111
31861
http://secunia.com/advisories/31861
FEDORA-2008-7987
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00733.html
FEDORA-2008-8003
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00743.html
RHSA-2008:0860
http://rhn.redhat.com/errata/RHSA-2008-0860.html
http://git.fedorahosted.org/git/freeipa.git/?p=freeipa.git%3Ba=commit%3Bh=9932887f2af38b9701efec27707648c026ec445c
http://www.freeipa.org/page/CVE-2008-3274
http://www.freeipa.org/page/Downloads
http://www.freeipa.org/page/News
https://bugzilla.redhat.com/show_bug.cgi?id=457835

Copyright Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.62889
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2008:0860
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2008:0860. Red Hat Enterprise IPA is an integrated solution to provide centrally-managed Identity (machines, users, virtual machines, groups, authentication credentials), Policy (configuration settings, access control information) and Audit (events, logs, analysis) services. A flaw was found in the Red Hat Enterprise IPA installation procedure. The master Kerberos password was set up in the LDAP server in such a way that it was possible to retrieve the password via an anonymous LDAP connection. (CVE-2008-3274) Note: the master Kerberos password is used to encrypt keys. This flaw does not lead to individual keys being exposed. Users of Red Hat IPA should upgrade to these updated packages and perform the operations explained in the solution to resolve this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2008-0860.html http://www.redhat.com/security/updates/classification/#important Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3274 1020850 http://www.securitytracker.com/id?1020850 31111 http://www.securityfocus.com/bid/31111 31861 http://secunia.com/advisories/31861 FEDORA-2008-7987 https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00733.html FEDORA-2008-8003 https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00743.html RHSA-2008:0860 http://rhn.redhat.com/errata/RHSA-2008-0860.html http://git.fedorahosted.org/git/freeipa.git/?p=freeipa.git%3Ba=commit%3Bh=9932887f2af38b9701efec27707648c026ec445c http://www.freeipa.org/page/CVE-2008-3274 http://www.freeipa.org/page/Downloads http://www.freeipa.org/page/News https://bugzilla.redhat.com/show_bug.cgi?id=457835
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com