CVSS: 5.0EPSS: 1%CPEs: 8EXPL: 1CVE-2013-0336
https://notcve.org/view.php?id=CVE-2013-0336
The ipapwd_chpwop function in daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c in the directory server (dirsrv) in FreeIPA before 3.2.0 allows remote attackers to cause a denial of service (crash) via a connection request without a username/dn, related to the 389 directory server. La función ipapwd_chpwop en daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c en el servidor del directorio (dirsrv) en FreeIPA anterior a 3.2.0 permite a atacantes remotos causar una denegación de servicio (caída) a través de una solicitud de conexión sin username/dn, relacionado con el servidor del directorio 389. • http://secunia.com/advisories/52763 http://www.securityfocus.com/bid/58747 https://bugzilla.redhat.com/show_bug.cgi?id=913751 https://exchange.xforce.ibmcloud.com/vulnerabilities/83132 https://fedorahosted.org/freeipa/ticket/3539 https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=7b45e33400355df44e75576ef7f70a39d163bf8e • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2013-0199
https://notcve.org/view.php?id=CVE-2013-0199
The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors. Las instrucciones de control de acceso LDAP por defecto en FreeIPA 3.0 anterior a 3.1.2 no restringen acceso a los atributos (1) ipaNTTrustAuthIncoming y (2) ipaNTTrustAuthOutgoing, lo que permite a atacantes remotos obtener la clave Cross-Realm Kerberos Trust a través de vectores no especificados. • http://osvdb.org/89539 http://www.freeipa.org/page/CVE-2013-0199 http://www.freeipa.org/page/Releases/3.1.2 http://www.securityfocus.com/bid/57542 https://exchange.xforce.ibmcloud.com/vulnerabilities/81486 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.9EPSS: 0%CPEs: 11EXPL: 0CVE-2012-5484 – ipa: weakness when initiating join from IPA client can potentially compromise IPA domain
https://notcve.org/view.php?id=CVE-2012-5484
The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate. El cliente FreeIPA v2.x y v3.x anterior a v3.1.2 no obtiene de forma adecuada el certificado Certification Authority (CA) del servidor, lo que permite ataques man-in-the-middle para falsear el procedimiento de conexión a través de un certificado manipulado. • http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=18eea90ebb24a9c22248f0b7e18646cc6e3e3e0f http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=31e41eea6c2322689826e6065ceba82551c565aa http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=91f4af7e6af53e1c6bf17ed36cb2161863eddae4 http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=a1991aeac19c3fec1fdd0d184c6760c90c9f9fc9 http://git.fedorahosted.org/cgit/freeipa.git/commit/? • CWE-310: Cryptographic Issues •