CVE-2015-5284

Опубликовано: 21 сент. 2017

Источник: debian

Описание

ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc/httpd/alias/kra-agent.pem, which is world readable.

Пакет	Статус	Версия исправления	Релиз	Тип
freeipa	not-affected			package

https://fedorahosted.org/freeipa/ticket/5347
Upstream commit: https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=55a66ccba3e2181a50e7733b7476991975b7455f

CVE-2015-5284

CVSS3: 9.8

ubuntu

больше 8 лет назад

ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc/httpd/alias/kra-agent.pem, which is world readable.

CVE-2015-5284

redhat

больше 10 лет назад

ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc/httpd/alias/kra-agent.pem, which is world readable.

CVE-2015-5284

CVSS3: 9.8

nvd

больше 8 лет назад

ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc/httpd/alias/kra-agent.pem, which is world readable.

GHSA-2vgj-j756-9gpx

CVSS3: 9.8

github

больше 3 лет назад

ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc/httpd/alias/kra-agent.pem, which is world readable.