Vulnerabilities > CVE-2008-1676 - Credentials Management vulnerability in Netscape Certificate Management System 6.0/6.01/6.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a certificate signing request (CSR) and using the resulting certificate.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 | |
Application | 4 |
Common Weakness Enumeration (CWE)
Redhat
advisories |
| ||||||||
rpms |
|
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 30062 CVE ID:CVE-2008-1676 CNCVE ID:CNCVE-20081676 Red Hat Certificate System用于确保用户的身份以及通讯的私密性的证书系统。 Red Hat Certificate System在处理证书签名请求(csr)时存在缺陷,远程攻击者可以利用漏洞绕过安全策略进行中间人等攻击。 在证书签名请求中处理扩展存在缺陷,即使在证书授权档案文件中强制定义,所有请求扩展也会增加到发布的证书中。即使CA配置成禁止使用次级CA证书的情况下,攻击者可以针对次级CA证书发布一个CSR。这可导致绕过安全策略,放大针对使用RedHat证书管理的可信证书授权用户的中间人攻击威胁。 RedHat Certificate Server 7.3 RedHat Certificate Server 7.2 可参考如下安全公告获得补丁信息: <a href=http://rhn.redhat.com/errata/RHSA-2008-0500.html target=_blank>http://rhn.redhat.com/errata/RHSA-2008-0500.html</a> <a href=http://rhn.redhat.com/errata/RHSA-2008-0577.html target=_blank>http://rhn.redhat.com/errata/RHSA-2008-0577.html</a> |
id | SSV:3534 |
last seen | 2017-11-19 |
modified | 2008-07-03 |
published | 2008-07-03 |
reporter | Root |
title | Red Hat证书系统rhpki-common安全绕过漏洞 |
References
- https://bugzilla.redhat.com/show_bug.cgi?id=445227
- http://rhn.redhat.com/errata/RHSA-2008-0500.html
- http://rhn.redhat.com/errata/RHSA-2008-0577.html
- http://www.securityfocus.com/bid/30062
- http://secunia.com/advisories/30929
- http://www.securitytracker.com/id?1020427
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43573