Vulnerabilities > CVE-2012-4546 - Configuration vulnerability in Redhat Enterprise Linux 6.0

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

redhat

CWE-16

nessus

NVD

Published: 2013-04-03

Updated: 2019-04-22

Summary

The default configuration for IPA servers in Red Hat Enterprise Linux 6, when revoking a certificate from an Identity Management replica, does not properly update another Identity Management replica, which causes inconsistent Certificate Revocation Lists (CRLs) to be used and might allow remote attackers to bypass intended access restrictions via a revoked certificate.

Vulnerable Configurations

Part	Description	Count
OS	Redhat Redhat Enterprise Linux 6.0	1

Common Weakness Enumeration (CWE)

CWE-16 - Configuration

Nessus

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20130221_IPA_ON_SL6_X.NASL
description	It was found that the current default configuration of IPA servers did not publish correct CRLs (Certificate Revocation Lists). The default configuration specifies that every replica is to generate its own CRL; however, this can result in inconsistencies in the CRL contents provided to clients from different Identity Management replicas. More specifically, if a certificate is revoked on one Identity Management replica, it will not show up on another Identity Management replica. (CVE-2012-4546)
last seen	2020-03-18
modified	2013-03-05
plugin id	65012
published	2013-03-05
reporter	This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/65012
title	Scientific Linux Security Update : ipa on SL6.x i386/x86_64 (20130221)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(65012); script_version("1.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/27"); script_cve_id("CVE-2012-4546"); script_name(english:"Scientific Linux Security Update : ipa on SL6.x i386/x86_64 (20130221)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "It was found that the current default configuration of IPA servers did not publish correct CRLs (Certificate Revocation Lists). The default configuration specifies that every replica is to generate its own CRL; however, this can result in inconsistencies in the CRL contents provided to clients from different Identity Management replicas. More specifically, if a certificate is revoked on one Identity Management replica, it will not show up on another Identity Management replica. (CVE-2012-4546)" ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1303&L=scientific-linux-errata&T=0&P=1062 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?30836ec8" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:ipa-admintools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:ipa-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:ipa-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:ipa-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:ipa-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:ipa-server-selinux"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:ipa-server-trust-ad"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2013/04/03"); script_set_attribute(attribute:"patch_publication_date", value:"2013/02/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/05"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL6", reference:"ipa-admintools-3.0.0-25.el6")) flag++; if (rpm_check(release:"SL6", reference:"ipa-client-3.0.0-25.el6")) flag++; if (rpm_check(release:"SL6", reference:"ipa-debuginfo-3.0.0-25.el6")) flag++; if (rpm_check(release:"SL6", reference:"ipa-python-3.0.0-25.el6")) flag++; if (rpm_check(release:"SL6", reference:"ipa-server-3.0.0-25.el6")) flag++; if (rpm_check(release:"SL6", reference:"ipa-server-selinux-3.0.0-25.el6")) flag++; if (rpm_check(release:"SL6", reference:"ipa-server-trust-ad-3.0.0-25.el6")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ipa-admintools / ipa-client / ipa-debuginfo / ipa-python / etc"); }

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2013-0528.NASL
description	Updated ipa packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Red Hat Identity Management is a centralized authentication, identity management and authorization solution for both traditional and cloud-based enterprise environments. It integrates components of the Red Hat Directory Server, MIT Kerberos, Red Hat Certificate System, NTP, and DNS. It provides web browser and command-line interfaces. Its administration tools allow an administrator to quickly install, set up, and administer a group of domain controllers to meet the authentication and identity management requirements of large-scale Linux and UNIX deployments. It was found that the current default configuration of IPA servers did not publish correct CRLs (Certificate Revocation Lists). The default configuration specifies that every replica is to generate its own CRL; however, this can result in inconsistencies in the CRL contents provided to clients from different Identity Management replicas. More specifically, if a certificate is revoked on one Identity Management replica, it will not show up on another Identity Management replica. (CVE-2012-4546) These updated ipa packages also include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.4 Technical Notes, linked to in the References, for information on the most significant of these changes. Users are advised to upgrade to these updated ipa packages, which fix these issues and add these enhancements.
last seen	2020-06-01
modified	2020-06-02
plugin id	65157
published	2013-03-10
reporter	This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/65157
title	CentOS 6 : ipa (CESA-2013:0528)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2013:0528 and # CentOS Errata and Security Advisory 2013:0528 respectively. # include("compat.inc"); if (description) { script_id(65157); script_version("1.8"); script_cvs_date("Date: 2020/01/06"); script_cve_id("CVE-2012-4546"); script_bugtraq_id(58083); script_xref(name:"RHSA", value:"2013:0528"); script_name(english:"CentOS 6 : ipa (CESA-2013:0528)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated ipa packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Red Hat Identity Management is a centralized authentication, identity management and authorization solution for both traditional and cloud-based enterprise environments. It integrates components of the Red Hat Directory Server, MIT Kerberos, Red Hat Certificate System, NTP, and DNS. It provides web browser and command-line interfaces. Its administration tools allow an administrator to quickly install, set up, and administer a group of domain controllers to meet the authentication and identity management requirements of large-scale Linux and UNIX deployments. It was found that the current default configuration of IPA servers did not publish correct CRLs (Certificate Revocation Lists). The default configuration specifies that every replica is to generate its own CRL; however, this can result in inconsistencies in the CRL contents provided to clients from different Identity Management replicas. More specifically, if a certificate is revoked on one Identity Management replica, it will not show up on another Identity Management replica. (CVE-2012-4546) These updated ipa packages also include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.4 Technical Notes, linked to in the References, for information on the most significant of these changes. Users are advised to upgrade to these updated ipa packages, which fix these issues and add these enhancements." ); # https://lists.centos.org/pipermail/centos-announce/2013-March/019353.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?363031de" ); # https://lists.centos.org/pipermail/centos-cr-announce/2013-February/000542.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?7eb641fe" ); script_set_attribute(attribute:"solution", value:"Update the affected ipa packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-4546"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:ipa-admintools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:ipa-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:ipa-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:ipa-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:ipa-server-selinux"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:ipa-server-trust-ad"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2013/04/03"); script_set_attribute(attribute:"patch_publication_date", value:"2013/03/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/10"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) \|\| "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 6.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-6", reference:"ipa-admintools-3.0.0-25.el6")) flag++; if (rpm_check(release:"CentOS-6", reference:"ipa-client-3.0.0-25.el6")) flag++; if (rpm_check(release:"CentOS-6", reference:"ipa-python-3.0.0-25.el6")) flag++; if (rpm_check(release:"CentOS-6", reference:"ipa-server-3.0.0-25.el6")) flag++; if (rpm_check(release:"CentOS-6", reference:"ipa-server-selinux-3.0.0-25.el6")) flag++; if (rpm_check(release:"CentOS-6", reference:"ipa-server-trust-ad-3.0.0-25.el6")) flag++; if (flag) { cr_plugin_caveat = '\n' + 'NOTE: The security advisory associated with this vulnerability has a\n' + 'fixed package version that may only be available in the continuous\n' + 'release (CR) repository for CentOS, until it is present in the next\n' + 'point release of CentOS.\n\n' + 'If an equal or higher package level does not exist in the baseline\n' + 'repository for your major version of CentOS, then updates from the CR\n' + 'repository will need to be applied in order to address the\n' + 'vulnerability.\n'; security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + cr_plugin_caveat ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ipa-admintools / ipa-client / ipa-python / ipa-server / etc"); }

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2013-1445.NASL
description	Update to upstream 3.1.2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-03-17
modified	2013-02-04
plugin id	64419
published	2013-02-04
reporter	This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/64419
title	Fedora 18 : freeipa-3.1.2-1.fc18 (2013-1445)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2013-1445. # include("compat.inc"); if (description) { script_id(64419); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2012-4546", "CVE-2012-5484", "CVE-2013-0199"); script_xref(name:"FEDORA", value:"2013-1445"); script_name(english:"Fedora 18 : freeipa-3.1.2-1.fc18 (2013-1445)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Update to upstream 3.1.2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=870234" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=876307" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=901864" ); # https://lists.fedoraproject.org/pipermail/package-announce/2013-February/098075.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?7851a1df" ); script_set_attribute( attribute:"solution", value:"Update the affected freeipa package." ); script_set_cvss_base_vector("CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:freeipa"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:18"); script_set_attribute(attribute:"patch_publication_date", value:"2013/01/24"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/02/04"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2020 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^18([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 18.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC18", reference:"freeipa-3.1.2-1.fc18")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "freeipa"); }

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2013-0528.NASL
description	Updated ipa packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Red Hat Identity Management is a centralized authentication, identity management and authorization solution for both traditional and cloud-based enterprise environments. It integrates components of the Red Hat Directory Server, MIT Kerberos, Red Hat Certificate System, NTP, and DNS. It provides web browser and command-line interfaces. Its administration tools allow an administrator to quickly install, set up, and administer a group of domain controllers to meet the authentication and identity management requirements of large-scale Linux and UNIX deployments. It was found that the current default configuration of IPA servers did not publish correct CRLs (Certificate Revocation Lists). The default configuration specifies that every replica is to generate its own CRL; however, this can result in inconsistencies in the CRL contents provided to clients from different Identity Management replicas. More specifically, if a certificate is revoked on one Identity Management replica, it will not show up on another Identity Management replica. (CVE-2012-4546) These updated ipa packages also include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.4 Technical Notes, linked to in the References, for information on the most significant of these changes. Users are advised to upgrade to these updated ipa packages, which fix these issues and add these enhancements.
last seen	2020-06-01
modified	2020-06-02
plugin id	64773
published	2013-02-21
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/64773
title	RHEL 6 : ipa (RHSA-2013:0528)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2013:0528. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(64773); script_version("1.13"); script_cvs_date("Date: 2019/10/24 15:35:36"); script_cve_id("CVE-2012-4546"); script_xref(name:"RHSA", value:"2013:0528"); script_name(english:"RHEL 6 : ipa (RHSA-2013:0528)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated ipa packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Red Hat Identity Management is a centralized authentication, identity management and authorization solution for both traditional and cloud-based enterprise environments. It integrates components of the Red Hat Directory Server, MIT Kerberos, Red Hat Certificate System, NTP, and DNS. It provides web browser and command-line interfaces. Its administration tools allow an administrator to quickly install, set up, and administer a group of domain controllers to meet the authentication and identity management requirements of large-scale Linux and UNIX deployments. It was found that the current default configuration of IPA servers did not publish correct CRLs (Certificate Revocation Lists). The default configuration specifies that every replica is to generate its own CRL; however, this can result in inconsistencies in the CRL contents provided to clients from different Identity Management replicas. More specifically, if a certificate is revoked on one Identity Management replica, it will not show up on another Identity Management replica. (CVE-2012-4546) These updated ipa packages also include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.4 Technical Notes, linked to in the References, for information on the most significant of these changes. Users are advised to upgrade to these updated ipa packages, which fix these issues and add these enhancements." ); # https://access.redhat.com/knowledge/solutions/295843 script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/solutions/295843" ); # https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?b5caa05f" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2013:0528" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2012-4546" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ipa-admintools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ipa-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ipa-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ipa-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ipa-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ipa-server-selinux"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ipa-server-trust-ad"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2013/04/02"); script_set_attribute(attribute:"patch_publication_date", value:"2013/02/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/02/21"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2013:0528"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"ipa-admintools-3.0.0-25.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"ipa-admintools-3.0.0-25.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"ipa-admintools-3.0.0-25.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"ipa-client-3.0.0-25.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"ipa-client-3.0.0-25.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"ipa-client-3.0.0-25.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"ipa-debuginfo-3.0.0-25.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"ipa-debuginfo-3.0.0-25.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"ipa-debuginfo-3.0.0-25.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"ipa-python-3.0.0-25.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"ipa-python-3.0.0-25.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"ipa-python-3.0.0-25.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"ipa-server-3.0.0-25.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"ipa-server-3.0.0-25.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"ipa-server-selinux-3.0.0-25.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"ipa-server-selinux-3.0.0-25.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i686", reference:"ipa-server-trust-ad-3.0.0-25.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"ipa-server-trust-ad-3.0.0-25.el6")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ipa-admintools / ipa-client / ipa-debuginfo / ipa-python / etc"); } }

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2013-0528.NASL
description	From Red Hat Security Advisory 2013:0528 : Updated ipa packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Red Hat Identity Management is a centralized authentication, identity management and authorization solution for both traditional and cloud-based enterprise environments. It integrates components of the Red Hat Directory Server, MIT Kerberos, Red Hat Certificate System, NTP, and DNS. It provides web browser and command-line interfaces. Its administration tools allow an administrator to quickly install, set up, and administer a group of domain controllers to meet the authentication and identity management requirements of large-scale Linux and UNIX deployments. It was found that the current default configuration of IPA servers did not publish correct CRLs (Certificate Revocation Lists). The default configuration specifies that every replica is to generate its own CRL; however, this can result in inconsistencies in the CRL contents provided to clients from different Identity Management replicas. More specifically, if a certificate is revoked on one Identity Management replica, it will not show up on another Identity Management replica. (CVE-2012-4546) These updated ipa packages also include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.4 Technical Notes, linked to in the References, for information on the most significant of these changes. Users are advised to upgrade to these updated ipa packages, which fix these issues and add these enhancements.
last seen	2020-06-01
modified	2020-06-02
plugin id	68762
published	2013-07-12
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/68762
title	Oracle Linux 6 : ipa (ELSA-2013-0528)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2013:0528 and # Oracle Linux Security Advisory ELSA-2013-0528 respectively. # include("compat.inc"); if (description) { script_id(68762); script_version("1.4"); script_cvs_date("Date: 2019/09/30 10:58:18"); script_cve_id("CVE-2012-4546"); script_bugtraq_id(56919, 57529); script_xref(name:"RHSA", value:"2013:0528"); script_name(english:"Oracle Linux 6 : ipa (ELSA-2013-0528)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2013:0528 : Updated ipa packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Red Hat Identity Management is a centralized authentication, identity management and authorization solution for both traditional and cloud-based enterprise environments. It integrates components of the Red Hat Directory Server, MIT Kerberos, Red Hat Certificate System, NTP, and DNS. It provides web browser and command-line interfaces. Its administration tools allow an administrator to quickly install, set up, and administer a group of domain controllers to meet the authentication and identity management requirements of large-scale Linux and UNIX deployments. It was found that the current default configuration of IPA servers did not publish correct CRLs (Certificate Revocation Lists). The default configuration specifies that every replica is to generate its own CRL; however, this can result in inconsistencies in the CRL contents provided to clients from different Identity Management replicas. More specifically, if a certificate is revoked on one Identity Management replica, it will not show up on another Identity Management replica. (CVE-2012-4546) These updated ipa packages also include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.4 Technical Notes, linked to in the References, for information on the most significant of these changes. Users are advised to upgrade to these updated ipa packages, which fix these issues and add these enhancements." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2013-February/003303.html" ); script_set_attribute(attribute:"solution", value:"Update the affected ipa packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ipa-admintools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ipa-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ipa-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ipa-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ipa-server-selinux"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ipa-server-trust-ad"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2013/04/02"); script_set_attribute(attribute:"patch_publication_date", value:"2013/02/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| !pregmatch(pattern: "Oracle (?:Linux Server\|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server\|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 6", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); flag = 0; if (rpm_check(release:"EL6", reference:"ipa-admintools-3.0.0-25.el6")) flag++; if (rpm_check(release:"EL6", reference:"ipa-client-3.0.0-25.el6")) flag++; if (rpm_check(release:"EL6", reference:"ipa-python-3.0.0-25.el6")) flag++; if (rpm_check(release:"EL6", reference:"ipa-server-3.0.0-25.el6")) flag++; if (rpm_check(release:"EL6", reference:"ipa-server-selinux-3.0.0-25.el6")) flag++; if (rpm_check(release:"EL6", reference:"ipa-server-trust-ad-3.0.0-25.el6")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ipa-admintools / ipa-client / ipa-python / ipa-server / etc"); }

Redhat

advisories

bugzilla

id	905594
title	Unable to install ipa-server-trust-ad pkg on 32-bit platform

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 6 is installed
oval oval:com.redhat.rhba:tst:20111656003

AND
comment ipa-server is earlier than 0:3.0.0-25.el6
oval oval:com.redhat.rhsa:tst:20130528001
comment ipa-server is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20194268018
AND
comment ipa-admintools is earlier than 0:3.0.0-25.el6
oval oval:com.redhat.rhsa:tst:20130528003
comment ipa-admintools is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20111533010

AND

comment ipa-server-trust-ad is earlier than 0:3.0.0-25.el6
oval oval:com.redhat.rhsa:tst:20130528005
comment ipa-server-trust-ad is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20194268016

AND

comment ipa-server-selinux is earlier than 0:3.0.0-25.el6
oval oval:com.redhat.rhsa:tst:20130528007
comment ipa-server-selinux is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20111533006

AND
comment ipa-python is earlier than 0:3.0.0-25.el6
oval oval:com.redhat.rhsa:tst:20130528009
comment ipa-python is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20111533004
AND
comment ipa-client is earlier than 0:3.0.0-25.el6
oval oval:com.redhat.rhsa:tst:20130528011
comment ipa-client is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20194268026

rhsa

id	RHSA-2013:0528
released	2013-02-21
severity	Low
title	RHSA-2013:0528: ipa security, bug fix and enhancement update (Low)

rpms

ipa-admintools-0:3.0.0-25.el6
ipa-client-0:3.0.0-25.el6
ipa-debuginfo-0:3.0.0-25.el6
ipa-python-0:3.0.0-25.el6
ipa-server-0:3.0.0-25.el6
ipa-server-selinux-0:3.0.0-25.el6
ipa-server-trust-ad-0:3.0.0-25.el6

References

http://rhn.redhat.com/errata/RHSA-2013-0528.html