CVE-2010-3869 - Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate System allow remote authenticated

CVE-2010-3869

Summary

Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate System allow remote authenticated users to generate an arbitrary number of certificates by replaying a single SCEP one-time PIN.

References

Vulnerable Configurations

cpe:2.3:a:redhat:certificate_system:7.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:7.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:dogtag_certificate_system:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:dogtag_certificate_system:*:*:*:*:*:*:*:*

CVSS

Base:	4.0 (as of 18-11-2010 - 05:00)
Impact:
Exploitability:

CWE

CWE-310

CAPEC

Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:N/AC:L/Au:S/C:N/I:P/A:N

redhat via4

advisories

rhsa
id RHSA-2010:0837
rhsa
id RHSA-2010:0838

rpms

rhpki-ca-0:7.3.0-21.el4
rhpki-common-0:7.3.0-41.el4
rhpki-util-0:7.3.0-21.el4
pki-ca-0:8.0.7-1.el5pki
pki-common-0:8.0.6-2.el5pki
pki-common-javadoc-0:8.0.6-2.el5pki
pki-util-0:8.0.5-1.el5pki
pki-util-javadoc-0:8.0.5-1.el5pki

refmap via4

confirm	https://bugzilla.redhat.com/show_bug.cgi?id=648883 https://fedorahosted.org/pki/changeset/1246
osvdb	69148
sectrack	1024697
secunia	42181

Last major update

18-11-2010 - 05:00

Published

17-11-2010 - 16:00

Last modified

18-11-2010 - 05:00