Test ID: 1.3.6.1.4.1.25623.1.0.871321
Category: Red Hat Local Security Checks
Title: RedHat Update for ipa RHSA-2015:0442-01
Summary: The remote host is missing an update for the 'ipa' package(s) announced via the referenced advisory.
Description:
Summary:
The remote host is missing an update for the 'ipa'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Red Hat Identity Management (IdM) is a centralized authentication, identity
management, and authorization solution for both traditional and cloud-based
enterprise environments.

Two cross-site scripting (XSS) flaws were found in jQuery, which impacted
the Identity Management web administrative interface, and could allow an
authenticated user to inject arbitrary HTML or web script into the
interface. (CVE-2010-5312, CVE-2012-6662)

Note: The IdM version provided by this update no longer uses jQuery.

This update adds several enhancements that are described in more detail in
the Red Hat Enterprise Linux 7.1 Release Notes, linked to in the References
section, including:

* Added the 'ipa-cacert-manage' command, which renews the Certification
Authority (CA) file. (BZ#886645)

* Added the ID Views feature. (BZ#891984)

* IdM now supports using one-time password (OTP) authentication and allows
gradual migration from proprietary OTP solutions to the IdM OTP solution.
(BZ#919228)

* Added the 'ipa-backup' and 'ipa-restore' commands to allow manual
backups. (BZ#951581)

* Added a solution for regulating access permissions to specific sections
of the IdM server. (BZ#976382)

This update also fixes several bugs, including:

* Previously, when IdM servers were configured to require the Transport
Layer Security protocol version 1.1 (TLSv1.1) or later in the httpd server,
the 'ipa' command-line utility failed. With this update, running 'ipa'
works as expected with TLSv1.1 or later. (BZ#1156466)

In addition, this update adds multiple enhancements, including:

* The 'ipa-getkeytab' utility can now optionally fetch existing keytabs
from the KDC. Previously, retrieving an existing keytab was not supported,
as the only option was to generate a new key. (BZ#1007367)

* You can now create and manage a '.' root zone on IdM servers. DNS queries
sent to the IdM DNS server use this configured zone instead of the public
zone. (BZ#1056202)

* The IdM server web UI has been updated and is now based on the Patternfly
framework, offering better responsiveness. (BZ#1108212)

* A new user attribute now enables provisioning systems to add custom tags
for user objects. The tags can be used for automember rules or for
additional local interpretation. (BZ#1108229)

* This update adds a new DNS zone type to ensure that forward and master
zones are better separated. As a result, the IdM DNS interface complies
with the forward zone semantics in BIND. (BZ#1114013)

* This update adds a set of Apache modules that external applications can
use to achieve tighter interaction with IdM beyond simple authentication ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
ipa on Red Hat Enterprise Linux Server (v. 7)

Solution:
Please install the updated packages.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2010-5312
BugTraq ID: 71106
http://www.securityfocus.com/bid/71106
Debian Security Information: DSA-3249
http://www.debian.org/security/2015/dsa-3249
https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
http://seclists.org/oss-sec/2014/q4/616
http://seclists.org/oss-sec/2014/q4/613
RedHat Security Advisories: RHSA-2015:0442
http://rhn.redhat.com/errata/RHSA-2015-0442.html
RedHat Security Advisories: RHSA-2015:1462
http://rhn.redhat.com/errata/RHSA-2015-1462.html
http://www.securitytracker.com/id/1037035
XForce ISS Database: jqueryui-cve20105312-xss(98696)
https://exchange.xforce.ibmcloud.com/vulnerabilities/98696
Common Vulnerability Exposure (CVE) ID: CVE-2012-6662
BugTraq ID: 71107
http://www.securityfocus.com/bid/71107
https://github.com/jquery/jquery/issues/2432
XForce ISS Database: jqueryui-cve20126662-xss(98697)
https://exchange.xforce.ibmcloud.com/vulnerabilities/98697
Copyright: Copyright (C) 2015 Greenbone Networks GmbH
