Vulnerabilities > CVE-2007-4994 - Credentials Management vulnerability in Redhat Certificate Server 7.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Certificate Server 7.2 in Red Hat Certificate System (RHCS) does not properly handle new revocations that occur while a Certificate Revocation List (CRL) is being generated, which might prevent certain revoked certificates from appearing on the CRL quickly and allow users with revoked certificates to bypass the intended CRL.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Redhat
| advisories |
| ||||||||
| rpms |
|
References
- http://osvdb.org/40440
- http://secunia.com/advisories/27557
- http://www.redhat.com/support/errata/RHSA-2007-0934.html
- http://www.securityfocus.com/bid/26377
- http://www.securitytracker.com/id?1020532
- http://www.vupen.com/english/advisories/2007/3405
- http://www.vupen.com/english/advisories/2007/3406
- https://rhn.redhat.com/errata/RHSA-2008-0566.html