CVE-2012-5484
Published: 27 January 2013
The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate.
Priority
Status
Package | Release | Status |
---|---|---|
freeipa Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Does not exist
|
|
oneiric |
Does not exist
|
|
precise |
Ignored
(end of life)
|
|
quantal |
Ignored
(end of life)
|
|
raring |
Not vulnerable
(3.1.2-0ubuntu1)
|
|
saucy |
Not vulnerable
(3.1.2-0ubuntu1)
|
|
trusty |
Not vulnerable
(3.1.2-0ubuntu1)
|
|
upstream |
Released
(3.1.2)
|
|
utopic |
Not vulnerable
(3.1.2-0ubuntu1)
|
|
vivid |
Not vulnerable
(3.1.2-0ubuntu1)
|
|
wily |
Not vulnerable
(3.1.2-0ubuntu1)
|
|
xenial |
Not vulnerable
(3.1.2-0ubuntu1)
|
|
yakkety |
Not vulnerable
(3.1.2-0ubuntu1)
|
|
zesty |
Not vulnerable
(3.1.2-0ubuntu1)
|
|
Patches: upstream: http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=18eea90ebb24a9c22248f0b7e18646cc6e3e3e0f (pt1) upstream: http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=a40285c5a0288669b72f9d991508d4405885bffc (pt2) upstream: http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=91f4af7e6af53e1c6bf17ed36cb2161863eddae4 (pt3) upstream: http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=a40285c5a0288669b72f9d991508d4405885bffc (pt4) upstream: http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=18eea90ebb24a9c22248f0b7e18646cc6e3e3e0f (pt5) |