Test ID:	1.3.6.1.4.1.25623.1.0.123064
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2015-1347)
Summary:	The remote host is missing an update for the 'pki-core' package(s) announced via the ELSA-2015-1347 advisory.
Description:	Summary: The remote host is missing an update for the 'pki-core' package(s) announced via the ELSA-2015-1347 advisory. Vulnerability Insight: [9.0.3-43] - Resolves #1225589 - unable to create rhel 7.1 replica from rhel 6 replica CA because subsystem user does not exist [9.0.3-42] - Resolves #1221900 - pki-core: cross-site scripting flaw in the dogtag administration page (port 9180, port 9444) [rhel-6.7] [9.0.3-41] - Resolves #1212557 - ipa-server-install fails when configuring CA [9.0.3-40] - Resolves #1171848 - IPA - port 9443 (pki-core) is vulnerable to SSLv3 POODLE (based upon upstream changes provided by cfu and alee) Affected Software/OS: 'pki-core' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2662 1027284 http://www.securitytracker.com/id?1027284 50013 http://secunia.com/advisories/50013 54608 http://www.securityfocus.com/bid/54608 84099 http://osvdb.org/84099 RHSA-2012:1103 http://rhn.redhat.com/errata/RHSA-2012-1103.html RHSA-2015:1347 http://rhn.redhat.com/errata/RHSA-2015-1347.html rhcs-agentendentity-xss(77101) https://exchange.xforce.ibmcloud.com/vulnerabilities/77101
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.