Page 2 of 11 results (0.004 seconds)

CVSS: 5.0EPSS: 2%CPEs: 3EXPL: 0

CVE-2015-1827 – ipa: memory corruption when using get_user_grouplist()

https://notcve.org/view.php?id=CVE-2015-1827

The get_user_grouplist function in the extdom plug-in in FreeIPA before 4.1.4 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (crash) via a group list request for a user that belongs to a large number of groups. La función get_user_grouplist en el plug-in extdom en FreeIPA en versiones anteriores a 4.1.4 no reasigna memoria correctamente cuando procesa las cuentas de usuarios, lo que permite a atacantes remotos causar denegación de servicio (caída) a través de una solicitud de lista de grupo para un usuario que pertenece a un número grande de grupos. It was discovered that the IPA extdom Directory Server plug-in did not correctly perform memory reallocation when handling user account information. A request for a list of groups for a user that belongs to a large number of groups would cause a Directory Server to crash. • http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154314.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/154103.html http://rhn.redhat.com/errata/RHSA-2015-0728.html http://www.securityfocus.com/bid/73376 https://bugzilla.redhat.com/show_bug.cgi?id=1205200 https://fedorahosted.org/freeipa/ticket/4908 https://access.redhat.com/security/cve/CVE-2015-1827 • CWE-19: Data Processing Errors CWE-131: Incorrect Calculation of Buffer Size •

CVSS: 5.0EPSS: 1%CPEs: 8EXPL: 1

CVE-2013-0336

https://notcve.org/view.php?id=CVE-2013-0336

The ipapwd_chpwop function in daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c in the directory server (dirsrv) in FreeIPA before 3.2.0 allows remote attackers to cause a denial of service (crash) via a connection request without a username/dn, related to the 389 directory server. La función ipapwd_chpwop en daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c en el servidor del directorio (dirsrv) en FreeIPA anterior a 3.2.0 permite a atacantes remotos causar una denegación de servicio (caída) a través de una solicitud de conexión sin username/dn, relacionado con el servidor del directorio 389. • http://secunia.com/advisories/52763 http://www.securityfocus.com/bid/58747 https://bugzilla.redhat.com/show_bug.cgi?id=913751 https://exchange.xforce.ibmcloud.com/vulnerabilities/83132 https://fedorahosted.org/freeipa/ticket/3539 https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=7b45e33400355df44e75576ef7f70a39d163bf8e • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0

CVE-2013-0199

https://notcve.org/view.php?id=CVE-2013-0199

The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors. Las instrucciones de control de acceso LDAP por defecto en FreeIPA 3.0 anterior a 3.1.2 no restringen acceso a los atributos (1) ipaNTTrustAuthIncoming y (2) ipaNTTrustAuthOutgoing, lo que permite a atacantes remotos obtener la clave Cross-Realm Kerberos Trust a través de vectores no especificados. • http://osvdb.org/89539 http://www.freeipa.org/page/CVE-2013-0199 http://www.freeipa.org/page/Releases/3.1.2 http://www.securityfocus.com/bid/57542 https://exchange.xforce.ibmcloud.com/vulnerabilities/81486 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.9EPSS: 0%CPEs: 11EXPL: 0

CVE-2012-5484 – ipa: weakness when initiating join from IPA client can potentially compromise IPA domain

https://notcve.org/view.php?id=CVE-2012-5484

The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate. El cliente FreeIPA v2.x y v3.x anterior a v3.1.2 no obtiene de forma adecuada el certificado Certification Authority (CA) del servidor, lo que permite ataques man-in-the-middle para falsear el procedimiento de conexión a través de un certificado manipulado. • http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=18eea90ebb24a9c22248f0b7e18646cc6e3e3e0f http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=31e41eea6c2322689826e6065ceba82551c565aa http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=91f4af7e6af53e1c6bf17ed36cb2161863eddae4 http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=a1991aeac19c3fec1fdd0d184c6760c90c9f9fc9 http://git.fedorahosted.org/cgit/freeipa.git/commit/? • CWE-310: Cryptographic Issues •

CVSS: 6.8EPSS: 0%CPEs: 27EXPL: 0

CVE-2011-3636 – FreeIPA: CSRF vulnerability

https://notcve.org/view.php?id=CVE-2011-3636

Cross-site request forgery (CSRF) vulnerability in the management interface in FreeIPA before 2.1.4 allows remote attackers to hijack the authentication of administrators for requests that make configuration changes. Vulnerabilidad de falsificación de petición en sitios cruzados en el interfaz de gestión en FreeIPA antes de v2.1.4, permite a atacantes no identificados secuestrar la autenticación de administradores para peticiones que realizan cambios de configuración. • http://freeipa.org/page/IPAv2_214 https://access.redhat.com/security/cve/CVE-2011-3636 https://bugzilla.redhat.com/show_bug.cgi?id=747710 • CWE-352: Cross-Site Request Forgery (CSRF) •