Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 523
Alerts This Week
Warning Icon 1 523

Scientific Linux: SLSA-2017:0001-1 Moderate: ipa Denial of Service Threat

Scientific Large Esm H446
Moderate: ipa security update
Date: Tue, 3 Jan 2017 16:07:28 -0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Moderate: ipa on SL7.x x86_64
MIME-Version: 1.0
Message-ID: <20170103160728.15132.67084@slpackages.fnal.gov>

Synopsis: Moderate: ipa security update
Advisory ID: SLSA-2017:0001-1
Issue Date: 2017-01-02
CVE Numbers: CVE-2016-7030
 CVE-2016-9575
--

Security Fix(es):

* It was discovered that the default IdM password policies that lock out
accounts after a certain number of failed login attempts were also applied
to host and service accounts. A remote unauthenticated user could use this
flaw to cause a denial of service attack against kerberized services.
(CVE-2016-7030)

* It was found that IdM's certprofile-mod command did not properly check
the user's permissions while modifying certificate profiles. An
authenticated, unprivileged attacker could use this flaw to modify
profiles to issue certificates with arbitrary naming or key usage
information and subsequently use such certificates for other attacks.
(CVE-2016-9575)
--

SL7
 x86_64
 ipa-client-4.4.0-14.sl7_3.1.1.x86_64.rpm
 ipa-debuginfo-4.4.0-14.sl7_3.1.1.x86_64.rpm
 ipa-server-4.4.0-14.sl7_3.1.1.x86_64.rpm
 ipa-server-trust-ad-4.4.0-14.sl7_3.1.1.x86_64.rpm
 noarch
 ipa-client-common-4.4.0-14.sl7_3.1.1.noarch.rpm
 ipa-common-4.4.0-14.sl7_3.1.1.noarch.rpm
 ipa-python-compat-4.4.0-14.sl7_3.1.1.noarch.rpm
 python2-ipaclient-4.4.0-14.sl7_3.1.1.noarch.rpm
 python2-ipalib-4.4.0-14.sl7_3.1.1.noarch.rpm
 ipa-admintools-4.4.0-14.sl7_3.1.1.noarch.rpm
 ipa-server-common-4.4.0-14.sl7_3.1.1.noarch.rpm
 ipa-server-dns-4.4.0-14.sl7_3.1.1.noarch.rpm
 python2-ipaserver-4.4.0-14.sl7_3.1.1.noarch.rpm

- Scientific Linux Development Team