cvelistv5 - cve-2008-1676

CVE-2008-1676 (GCVE-0-2008-1676)

Vulnerability from cvelistv5 – Published: 2008-07-07 23:00 – Updated: 2024-08-07 08:32

Summary

Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a certificate signing request (CSR) and using the resulting certificate.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

RHSA-2008:0577

Vulnerability from csaf_redhat - Published: 2008-07-02 17:50 - Updated: 2025-11-21 17:33

Summary

Red Hat Security Advisory: rhpki-common security update

Notes

Topic

Updated rhpki-common packages that fix a security issue are now available for Red Hat Certificate System 7.2. This update has been rated as having important security impact by the Red Hat Security Response Team.

Details

Red Hat Certificate System (RHCS) is an enterprise software system designed to manage enterprise Public Key Infrastructure (PKI) deployments. rhpki-common -- the Red Hat PKI Common Framework -- is required by the following four RHCS subsystems: the Red Hat Certificate Authority; the Red Hat Data Recovery Manager; the Red Hat Online Certificate Status Protocol Manager; and the Red Hat Token Key Service. A flaw was found in the way Red Hat Certificate System handled Extensions in the certificate signing requests (CSR). All requested Extensions were added to the issued certificate even if constraints were defined in the Certificate Authority (CA) profile. An attacker could submit a CSR for a subordinate CA certificate even if the CA configuration prohibited subordinate CA certificates. This lead to a bypass of the intended security policy, possibly simplifying man-in-the-middle attacks against users that trust Certificate Authorities managed by Red Hat Certificate System. (CVE-2008-1676) All users of Red Hat Certificate System 7.2 should upgrade to these updated packages, which resolves this issue.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated rhpki-common packages that fix a security issue are now available\nfor Red Hat Certificate System 7.2.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Certificate System (RHCS) is an enterprise software system designed\nto manage enterprise Public Key Infrastructure (PKI) deployments.\n\nrhpki-common -- the Red Hat PKI Common Framework -- is required by the\nfollowing four RHCS subsystems: the Red Hat Certificate Authority; the Red\nHat Data Recovery Manager; the Red Hat Online Certificate Status Protocol\nManager; and the Red Hat Token Key Service.\n\nA flaw was found in the way Red Hat Certificate System handled Extensions\nin the certificate signing requests (CSR). All requested Extensions were\nadded to the issued certificate even if constraints were defined in the\nCertificate Authority (CA) profile. An attacker could submit a CSR for a\nsubordinate CA certificate even if the CA configuration prohibited\nsubordinate CA certificates. This lead to a bypass of the intended security\npolicy, possibly simplifying man-in-the-middle attacks against users that\ntrust Certificate Authorities managed by Red Hat Certificate System.\n(CVE-2008-1676)\n\nAll users of Red Hat Certificate System 7.2 should upgrade to these updated\npackages, which resolves this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2008:0577",
        "url": "https://access.redhat.com/errata/RHSA-2008:0577"
      },
      {
        "category": "external",
        "summary": "http://www.redhat.com/security/updates/classification/#important",
        "url": "http://www.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "445227",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=445227"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0577.json"
      }
    ],
    "title": "Red Hat Security Advisory: rhpki-common security update",
    "tracking": {
      "current_release_date": "2025-11-21T17:33:32+00:00",
      "generator": {
        "date": "2025-11-21T17:33:32+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2008:0577",
      "initial_release_date": "2008-07-02T17:50:00+00:00",
      "revision_history": [
        {
          "date": "2008-07-02T17:50:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2008-07-02T13:54:05+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:33:32+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Certificate System 7.2 for 4AS",
                "product": {
                  "name": "Red Hat Certificate System 7.2 for 4AS",
                  "product_id": "4AS-CERT-7.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:certificate_system:7.2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Certificate System 7.2 for 4ES",
                "product": {
                  "name": "Red Hat Certificate System 7.2 for 4ES",
                  "product_id": "4ES-CERT-7.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:certificate_system:7.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Certificate System"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhpki-common-0:7.2.0-11.noarch",
                "product": {
                  "name": "rhpki-common-0:7.2.0-11.noarch",
                  "product_id": "rhpki-common-0:7.2.0-11.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhpki-common@7.2.0-11?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhpki-common-0:7.2.0-11.noarch as a component of Red Hat Certificate System 7.2 for 4AS",
          "product_id": "4AS-CERT-7.2:rhpki-common-0:7.2.0-11.noarch"
        },
        "product_reference": "rhpki-common-0:7.2.0-11.noarch",
        "relates_to_product_reference": "4AS-CERT-7.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhpki-common-0:7.2.0-11.noarch as a component of Red Hat Certificate System 7.2 for 4ES",
          "product_id": "4ES-CERT-7.2:rhpki-common-0:7.2.0-11.noarch"
        },
        "product_reference": "rhpki-common-0:7.2.0-11.noarch",
        "relates_to_product_reference": "4ES-CERT-7.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2008-1676",
      "cwe": {
        "id": "CWE-297",
        "name": "Improper Validation of Certificate with Host Mismatch"
      },
      "discovery_date": "2008-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "445227"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a certificate signing request (CSR) and using the resulting certificate.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "System: incorrect handling of Extensions in CSRs (cs71)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS-CERT-7.2:rhpki-common-0:7.2.0-11.noarch",
          "4ES-CERT-7.2:rhpki-common-0:7.2.0-11.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2008-1676"
        },
        {
          "category": "external",
          "summary": "RHBZ#445227",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=445227"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2008-1676",
          "url": "https://www.cve.org/CVERecord?id=CVE-2008-1676"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1676",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1676"
        }
      ],
      "release_date": "2008-07-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2008-07-02T17:50:00+00:00",
          "details": "Users running Red Hat Certificate System on Red Hat Enterprise Linux:\n\nBefore applying this update, make sure that all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use the Red\nHat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188\n\nUsers running Red Hat Certificate System on Sun Solaris:\n\nAn updated Solaris packages in .pkg format are available in the Red Hat\nCertificate System Solaris channels on the Red Hat Network. This packages\nshould be installed/upgraded using Solaris native package management tools.\n\nSee also Red Hat Certificate System Administration Guide for installation\ninstructions:\nhttp://www.redhat.com/docs/manuals/cert-system/",
          "product_ids": [
            "4AS-CERT-7.2:rhpki-common-0:7.2.0-11.noarch",
            "4ES-CERT-7.2:rhpki-common-0:7.2.0-11.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2008:0577"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS-CERT-7.2:rhpki-common-0:7.2.0-11.noarch",
            "4ES-CERT-7.2:rhpki-common-0:7.2.0-11.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "System: incorrect handling of Extensions in CSRs (cs71)"
    }
  ]
}

RHSA-2008_0577

Vulnerability from csaf_redhat - Published: 2008-07-02 17:50 - Updated: 2024-11-22 02:01

Summary

Red Hat Security Advisory: rhpki-common security update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated rhpki-common packages that fix a security issue are now available\nfor Red Hat Certificate System 7.2.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Certificate System (RHCS) is an enterprise software system designed\nto manage enterprise Public Key Infrastructure (PKI) deployments.\n\nrhpki-common -- the Red Hat PKI Common Framework -- is required by the\nfollowing four RHCS subsystems: the Red Hat Certificate Authority; the Red\nHat Data Recovery Manager; the Red Hat Online Certificate Status Protocol\nManager; and the Red Hat Token Key Service.\n\nA flaw was found in the way Red Hat Certificate System handled Extensions\nin the certificate signing requests (CSR). All requested Extensions were\nadded to the issued certificate even if constraints were defined in the\nCertificate Authority (CA) profile. An attacker could submit a CSR for a\nsubordinate CA certificate even if the CA configuration prohibited\nsubordinate CA certificates. This lead to a bypass of the intended security\npolicy, possibly simplifying man-in-the-middle attacks against users that\ntrust Certificate Authorities managed by Red Hat Certificate System.\n(CVE-2008-1676)\n\nAll users of Red Hat Certificate System 7.2 should upgrade to these updated\npackages, which resolves this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2008:0577",
        "url": "https://access.redhat.com/errata/RHSA-2008:0577"
      },
      {
        "category": "external",
        "summary": "http://www.redhat.com/security/updates/classification/#important",
        "url": "http://www.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "445227",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=445227"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0577.json"
      }
    ],
    "title": "Red Hat Security Advisory: rhpki-common security update",
    "tracking": {
      "current_release_date": "2024-11-22T02:01:21+00:00",
      "generator": {
        "date": "2024-11-22T02:01:21+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2008:0577",
      "initial_release_date": "2008-07-02T17:50:00+00:00",
      "revision_history": [
        {
          "date": "2008-07-02T17:50:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2008-07-02T13:54:05+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T02:01:21+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Certificate System 7.2 for 4AS",
                "product": {
                  "name": "Red Hat Certificate System 7.2 for 4AS",
                  "product_id": "4AS-CERT-7.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:certificate_system:7.2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Certificate System 7.2 for 4ES",
                "product": {
                  "name": "Red Hat Certificate System 7.2 for 4ES",
                  "product_id": "4ES-CERT-7.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:certificate_system:7.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Certificate System"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhpki-common-0:7.2.0-11.noarch",
                "product": {
                  "name": "rhpki-common-0:7.2.0-11.noarch",
                  "product_id": "rhpki-common-0:7.2.0-11.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhpki-common@7.2.0-11?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhpki-common-0:7.2.0-11.noarch as a component of Red Hat Certificate System 7.2 for 4AS",
          "product_id": "4AS-CERT-7.2:rhpki-common-0:7.2.0-11.noarch"
        },
        "product_reference": "rhpki-common-0:7.2.0-11.noarch",
        "relates_to_product_reference": "4AS-CERT-7.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhpki-common-0:7.2.0-11.noarch as a component of Red Hat Certificate System 7.2 for 4ES",
          "product_id": "4ES-CERT-7.2:rhpki-common-0:7.2.0-11.noarch"
        },
        "product_reference": "rhpki-common-0:7.2.0-11.noarch",
        "relates_to_product_reference": "4ES-CERT-7.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2008-1676",
      "cwe": {
        "id": "CWE-297",
        "name": "Improper Validation of Certificate with Host Mismatch"
      },
      "discovery_date": "2008-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "445227"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a certificate signing request (CSR) and using the resulting certificate.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "System: incorrect handling of Extensions in CSRs (cs71)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS-CERT-7.2:rhpki-common-0:7.2.0-11.noarch",
          "4ES-CERT-7.2:rhpki-common-0:7.2.0-11.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2008-1676"
        },
        {
          "category": "external",
          "summary": "RHBZ#445227",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=445227"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2008-1676",
          "url": "https://www.cve.org/CVERecord?id=CVE-2008-1676"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1676",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1676"
        }
      ],
      "release_date": "2008-07-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2008-07-02T17:50:00+00:00",
          "details": "Users running Red Hat Certificate System on Red Hat Enterprise Linux:\n\nBefore applying this update, make sure that all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use the Red\nHat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188\n\nUsers running Red Hat Certificate System on Sun Solaris:\n\nAn updated Solaris packages in .pkg format are available in the Red Hat\nCertificate System Solaris channels on the Red Hat Network. This packages\nshould be installed/upgraded using Solaris native package management tools.\n\nSee also Red Hat Certificate System Administration Guide for installation\ninstructions:\nhttp://www.redhat.com/docs/manuals/cert-system/",
          "product_ids": [
            "4AS-CERT-7.2:rhpki-common-0:7.2.0-11.noarch",
            "4ES-CERT-7.2:rhpki-common-0:7.2.0-11.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2008:0577"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS-CERT-7.2:rhpki-common-0:7.2.0-11.noarch",
            "4ES-CERT-7.2:rhpki-common-0:7.2.0-11.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "System: incorrect handling of Extensions in CSRs (cs71)"
    }
  ]
}

RHSA-2008:0500

Vulnerability from csaf_redhat - Published: 2008-07-02 17:49 - Updated: 2025-11-21 17:33

Summary

Red Hat Security Advisory: rhpki-common security update

Notes

Topic

An updated rhpki-common package that fixes a security issue is now available for Red Hat Certificate System 7.3. This update has been rated as having important security impact by the Red Hat Security Response Team.

Details

Red Hat Certificate System (RHCS) is an enterprise software system designed to manage enterprise Public Key Infrastructure (PKI) deployments. rhpki-common -- the Red Hat PKI Common Framework -- is required by the following four RHCS subsystems: the Red Hat Certificate Authority; the Red Hat Data Recovery Manager; the Red Hat Online Certificate Status Protocol Manager; and the Red Hat Token Key Service. A flaw was found in the way Red Hat Certificate System handled Extensions in the certificate signing requests (CSR). All requested Extensions were added to the issued certificate even if constraints were defined in the Certificate Authority (CA) profile. An attacker could submit a CSR for a subordinate CA certificate even if the CA configuration prohibited subordinate CA certificates. This lead to a bypass of the intended security policy, possibly simplifying man-in-the-middle attacks against users that trust Certificate Authorities managed by Red Hat Certificate System. (CVE-2008-1676) All users of Red Hat Certificate System 7.3 should upgrade to this updated package, which resolves this issue.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated rhpki-common package that fixes a security issue is now available\nfor Red Hat Certificate System 7.3.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team. ",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Certificate System (RHCS) is an enterprise software system designed\nto manage enterprise Public Key Infrastructure (PKI) deployments.\n\nrhpki-common -- the Red Hat PKI Common Framework -- is required by the\nfollowing four RHCS subsystems: the Red Hat Certificate Authority; the Red\nHat Data Recovery Manager; the Red Hat Online Certificate Status Protocol\nManager; and the Red Hat Token Key Service.\n\nA flaw was found in the way Red Hat Certificate System handled Extensions\nin the certificate signing requests (CSR). All requested Extensions were\nadded to the issued certificate even if constraints were defined in the\nCertificate Authority (CA) profile. An attacker could submit a CSR for a\nsubordinate CA certificate even if the CA configuration prohibited\nsubordinate CA certificates. This lead to a bypass of the intended security\npolicy, possibly simplifying man-in-the-middle attacks against users that\ntrust Certificate Authorities managed by Red Hat Certificate System.\n(CVE-2008-1676)\n\nAll users of Red Hat Certificate System 7.3 should upgrade to this\nupdated package, which resolves this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2008:0500",
        "url": "https://access.redhat.com/errata/RHSA-2008:0500"
      },
      {
        "category": "external",
        "summary": "http://www.redhat.com/security/updates/classification/#important",
        "url": "http://www.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "445227",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=445227"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0500.json"
      }
    ],
    "title": "Red Hat Security Advisory: rhpki-common security update",
    "tracking": {
      "current_release_date": "2025-11-21T17:33:18+00:00",
      "generator": {
        "date": "2025-11-21T17:33:18+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2008:0500",
      "initial_release_date": "2008-07-02T17:49:00+00:00",
      "revision_history": [
        {
          "date": "2008-07-02T17:49:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2008-07-02T13:49:43+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:33:18+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Certificate System 7.3 for 4AS",
                "product": {
                  "name": "Red Hat Certificate System 7.3 for 4AS",
                  "product_id": "4AS-CERT-7.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:certificate_system:7.3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Certificate System 7.3 for 4ES",
                "product": {
                  "name": "Red Hat Certificate System 7.3 for 4ES",
                  "product_id": "4ES-CERT-7.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:certificate_system:7.3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Certificate System"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhpki-common-0:7.3.0-29.el4.noarch",
                "product": {
                  "name": "rhpki-common-0:7.3.0-29.el4.noarch",
                  "product_id": "rhpki-common-0:7.3.0-29.el4.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhpki-common@7.3.0-29.el4?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhpki-common-0:7.3.0-29.el4.noarch as a component of Red Hat Certificate System 7.3 for 4AS",
          "product_id": "4AS-CERT-7.3:rhpki-common-0:7.3.0-29.el4.noarch"
        },
        "product_reference": "rhpki-common-0:7.3.0-29.el4.noarch",
        "relates_to_product_reference": "4AS-CERT-7.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhpki-common-0:7.3.0-29.el4.noarch as a component of Red Hat Certificate System 7.3 for 4ES",
          "product_id": "4ES-CERT-7.3:rhpki-common-0:7.3.0-29.el4.noarch"
        },
        "product_reference": "rhpki-common-0:7.3.0-29.el4.noarch",
        "relates_to_product_reference": "4ES-CERT-7.3"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2008-1676",
      "cwe": {
        "id": "CWE-297",
        "name": "Improper Validation of Certificate with Host Mismatch"
      },
      "discovery_date": "2008-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "445227"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a certificate signing request (CSR) and using the resulting certificate.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "System: incorrect handling of Extensions in CSRs (cs71)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS-CERT-7.3:rhpki-common-0:7.3.0-29.el4.noarch",
          "4ES-CERT-7.3:rhpki-common-0:7.3.0-29.el4.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2008-1676"
        },
        {
          "category": "external",
          "summary": "RHBZ#445227",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=445227"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2008-1676",
          "url": "https://www.cve.org/CVERecord?id=CVE-2008-1676"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1676",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1676"
        }
      ],
      "release_date": "2008-07-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2008-07-02T17:49:00+00:00",
          "details": "Users running Red Hat Certificate System on Red Hat Enterprise Linux:\n\nBefore applying this update, make sure that all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use the Red\nHat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188\n\nUsers running Red Hat Certificate System on Sun Solaris:\n\nAn updated Solaris packages in .pkg format are available in the Red Hat\nCertificate System Solaris channels on the Red Hat Network. This packages\nshould be installed/upgraded using Solaris native package management tools.\n\nSee also Red Hat Certificate System Administration Guide for installation\ninstructions:\nhttp://www.redhat.com/docs/manuals/cert-system/",
          "product_ids": [
            "4AS-CERT-7.3:rhpki-common-0:7.3.0-29.el4.noarch",
            "4ES-CERT-7.3:rhpki-common-0:7.3.0-29.el4.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2008:0500"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS-CERT-7.3:rhpki-common-0:7.3.0-29.el4.noarch",
            "4ES-CERT-7.3:rhpki-common-0:7.3.0-29.el4.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "System: incorrect handling of Extensions in CSRs (cs71)"
    }
  ]
}

RHSA-2008_0500

Vulnerability from csaf_redhat - Published: 2008-07-02 17:49 - Updated: 2024-11-22 02:01

Summary

Red Hat Security Advisory: rhpki-common security update

Notes

Topic

Details

Red Hat Certificate System (RHCS) is an enterprise software system designed to manage enterprise Public Key Infrastructure (PKI) deployments. rhpki-common -- the Red Hat PKI Common Framework -- is required by the following four RHCS subsystems: the Red Hat Certificate Authority; the Red Hat Data Recovery Manager; the Red Hat Online Certificate Status Protocol Manager; and the Red Hat Token Key Service. A flaw was found in the way Red Hat Certificate System handled Extensions in the certificate signing requests (CSR). All requested Extensions were added to the issued certificate even if constraints were defined in the Certificate Authority (CA) profile. An attacker could submit a CSR for a subordinate CA certificate even if the CA configuration prohibited subordinate CA certificates. This lead to a bypass of the intended security policy, possibly simplifying man-in-the-middle attacks against users that trust Certificate Authorities managed by Red Hat Certificate System. (CVE-2008-1676) All users of Red Hat Certificate System 7.3 should upgrade to this updated package, which resolves this issue.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated rhpki-common package that fixes a security issue is now available\nfor Red Hat Certificate System 7.3.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team. ",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Certificate System (RHCS) is an enterprise software system designed\nto manage enterprise Public Key Infrastructure (PKI) deployments.\n\nrhpki-common -- the Red Hat PKI Common Framework -- is required by the\nfollowing four RHCS subsystems: the Red Hat Certificate Authority; the Red\nHat Data Recovery Manager; the Red Hat Online Certificate Status Protocol\nManager; and the Red Hat Token Key Service.\n\nA flaw was found in the way Red Hat Certificate System handled Extensions\nin the certificate signing requests (CSR). All requested Extensions were\nadded to the issued certificate even if constraints were defined in the\nCertificate Authority (CA) profile. An attacker could submit a CSR for a\nsubordinate CA certificate even if the CA configuration prohibited\nsubordinate CA certificates. This lead to a bypass of the intended security\npolicy, possibly simplifying man-in-the-middle attacks against users that\ntrust Certificate Authorities managed by Red Hat Certificate System.\n(CVE-2008-1676)\n\nAll users of Red Hat Certificate System 7.3 should upgrade to this\nupdated package, which resolves this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2008:0500",
        "url": "https://access.redhat.com/errata/RHSA-2008:0500"
      },
      {
        "category": "external",
        "summary": "http://www.redhat.com/security/updates/classification/#important",
        "url": "http://www.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "445227",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=445227"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0500.json"
      }
    ],
    "title": "Red Hat Security Advisory: rhpki-common security update",
    "tracking": {
      "current_release_date": "2024-11-22T02:01:16+00:00",
      "generator": {
        "date": "2024-11-22T02:01:16+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2008:0500",
      "initial_release_date": "2008-07-02T17:49:00+00:00",
      "revision_history": [
        {
          "date": "2008-07-02T17:49:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2008-07-02T13:49:43+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T02:01:16+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Certificate System 7.3 for 4AS",
                "product": {
                  "name": "Red Hat Certificate System 7.3 for 4AS",
                  "product_id": "4AS-CERT-7.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:certificate_system:7.3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Certificate System 7.3 for 4ES",
                "product": {
                  "name": "Red Hat Certificate System 7.3 for 4ES",
                  "product_id": "4ES-CERT-7.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:certificate_system:7.3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Certificate System"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhpki-common-0:7.3.0-29.el4.noarch",
                "product": {
                  "name": "rhpki-common-0:7.3.0-29.el4.noarch",
                  "product_id": "rhpki-common-0:7.3.0-29.el4.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhpki-common@7.3.0-29.el4?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhpki-common-0:7.3.0-29.el4.noarch as a component of Red Hat Certificate System 7.3 for 4AS",
          "product_id": "4AS-CERT-7.3:rhpki-common-0:7.3.0-29.el4.noarch"
        },
        "product_reference": "rhpki-common-0:7.3.0-29.el4.noarch",
        "relates_to_product_reference": "4AS-CERT-7.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhpki-common-0:7.3.0-29.el4.noarch as a component of Red Hat Certificate System 7.3 for 4ES",
          "product_id": "4ES-CERT-7.3:rhpki-common-0:7.3.0-29.el4.noarch"
        },
        "product_reference": "rhpki-common-0:7.3.0-29.el4.noarch",
        "relates_to_product_reference": "4ES-CERT-7.3"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2008-1676",
      "cwe": {
        "id": "CWE-297",
        "name": "Improper Validation of Certificate with Host Mismatch"
      },
      "discovery_date": "2008-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "445227"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a certificate signing request (CSR) and using the resulting certificate.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "System: incorrect handling of Extensions in CSRs (cs71)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS-CERT-7.3:rhpki-common-0:7.3.0-29.el4.noarch",
          "4ES-CERT-7.3:rhpki-common-0:7.3.0-29.el4.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2008-1676"
        },
        {
          "category": "external",
          "summary": "RHBZ#445227",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=445227"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2008-1676",
          "url": "https://www.cve.org/CVERecord?id=CVE-2008-1676"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1676",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1676"
        }
      ],
      "release_date": "2008-07-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2008-07-02T17:49:00+00:00",
          "details": "Users running Red Hat Certificate System on Red Hat Enterprise Linux:\n\nBefore applying this update, make sure that all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use the Red\nHat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188\n\nUsers running Red Hat Certificate System on Sun Solaris:\n\nAn updated Solaris packages in .pkg format are available in the Red Hat\nCertificate System Solaris channels on the Red Hat Network. This packages\nshould be installed/upgraded using Solaris native package management tools.\n\nSee also Red Hat Certificate System Administration Guide for installation\ninstructions:\nhttp://www.redhat.com/docs/manuals/cert-system/",
          "product_ids": [
            "4AS-CERT-7.3:rhpki-common-0:7.3.0-29.el4.noarch",
            "4ES-CERT-7.3:rhpki-common-0:7.3.0-29.el4.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2008:0500"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS-CERT-7.3:rhpki-common-0:7.3.0-29.el4.noarch",
            "4ES-CERT-7.3:rhpki-common-0:7.3.0-29.el4.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "System: incorrect handling of Extensions in CSRs (cs71)"
    }
  ]
}

GHSA-6434-HFF7-VGP8

Vulnerability from github – Published: 2022-05-01 23:42 – Updated: 2022-05-01 23:42

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-1676"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-07-07T23:41:00Z",
    "severity": "HIGH"
  },
  "details": "Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a certificate signing request (CSR) and using the resulting certificate.",
  "id": "GHSA-6434-hff7-vgp8",
  "modified": "2022-05-01T23:42:26Z",
  "published": "2022-05-01T23:42:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1676"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2008:0500"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2008:0577"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2008-1676"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=445227"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43573"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2008-0500.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2008-0577.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30929"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/30062"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020427"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2008-1676

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2008-1676

Aliases

CVE-2008-1676

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-1676",
    "description": "Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a certificate signing request (CSR) and using the resulting certificate.",
    "id": "GSD-2008-1676",
    "references": [
      "https://access.redhat.com/errata/RHSA-2008:0577",
      "https://access.redhat.com/errata/RHSA-2008:0500"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-1676"
      ],
      "details": "Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a certificate signing request (CSR) and using the resulting certificate.",
      "id": "GSD-2008-1676",
      "modified": "2023-12-13T01:23:03.257351Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2008-1676",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a certificate signing request (CSR) and using the resulting certificate."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://rhn.redhat.com/errata/RHSA-2008-0500.html",
            "refsource": "MISC",
            "url": "http://rhn.redhat.com/errata/RHSA-2008-0500.html"
          },
          {
            "name": "http://rhn.redhat.com/errata/RHSA-2008-0577.html",
            "refsource": "MISC",
            "url": "http://rhn.redhat.com/errata/RHSA-2008-0577.html"
          },
          {
            "name": "http://secunia.com/advisories/30929",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/30929"
          },
          {
            "name": "http://www.securityfocus.com/bid/30062",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/30062"
          },
          {
            "name": "http://www.securitytracker.com/id?1020427",
            "refsource": "MISC",
            "url": "http://www.securitytracker.com/id?1020427"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43573",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43573"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=445227",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=445227"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:certificate_system:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:certificate_system:7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:certificate_system:7.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:netscape:certificate_management_system:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "6.2",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:netscape:certificate_management_system:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:netscape:certificate_management_system:6.01:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:netscape:certificate_management_system:6.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2008-1676"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a certificate signing request (CSR) and using the resulting certificate."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-255"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=445227",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=445227"
            },
            {
              "name": "RHSA-2008:0500",
              "refsource": "REDHAT",
              "tags": [
                "Patch"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2008-0500.html"
            },
            {
              "name": "RHSA-2008:0577",
              "refsource": "REDHAT",
              "tags": [
                "Patch"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2008-0577.html"
            },
            {
              "name": "30062",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/30062"
            },
            {
              "name": "30929",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/30929"
            },
            {
              "name": "1020427",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1020427"
            },
            {
              "name": "rhcs-rhpkicommon-csr-security-bypass(43573)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43573"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2023-02-13T02:18Z",
      "publishedDate": "2008-07-07T23:41Z"
    }
  }
}

FKIE_CVE-2008-1676

Vulnerability from fkie_nvd - Published: 2008-07-07 23:41 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2008-0500.html	Patch
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2008-0577.html	Patch
secalert@redhat.com	http://secunia.com/advisories/30929
secalert@redhat.com	http://www.securityfocus.com/bid/30062
secalert@redhat.com	http://www.securitytracker.com/id?1020427
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=445227
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/43573
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2008-0500.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2008-0577.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30929
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/30062
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1020427
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=445227
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/43573

Impacted products

Vendor	Product	Version
redhat	certificate_system	7.1
redhat	certificate_system	7.2
redhat	certificate_system	7.3
netscape	certificate_management_system	*
netscape	certificate_management_system	6.0
netscape	certificate_management_system	6.01
netscape	certificate_management_system	6.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:certificate_system:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A94B7103-11B7-4B1E-AE02-86210F9CCCAA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:redhat:certificate_system:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "27FE079E-FB15-443C-BE2E-1D4C940BB8C0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:redhat:certificate_system:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2654E6A-190C-4D5C-ABC0-89011DD8E293",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netscape:certificate_management_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "946E7D94-5FD5-40C2-B67A-14C0D13CDDAB",
              "versionEndIncluding": "6.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netscape:certificate_management_system:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D852DF7-F08A-4EAC-B7BB-D3384CA0B9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netscape:certificate_management_system:6.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DD96E83-2151-4AFE-B3B3-E9CCF69D4B77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netscape:certificate_management_system:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3F95B08-2AC6-4452-9BA3-26C80D3FABE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a certificate signing request (CSR) and using the resulting certificate."
    },
    {
      "lang": "es",
      "value": "Red Hat PKI Common Framework (rhpki-common) de Red Hat Certificate System (tambi\u00e9n conocido como Certificate Server o RHCS) 7.1 hasta 7.3, y Netscape Certificate Management System 6.x; no reconocen las restricciones de perfil de la Autoridad Certificadora en Extensions, esto puede permitir a atacantes remotos evitar las restricciones pretendidas y realizar ataques de hombre-en-medio (man-in-the-middle) al enviar una Solicitud de Firma de Certificado (certificate signing request (CSR)) y utilizar el certificado resultante."
    }
  ],
  "id": "CVE-2008-1676",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-07-07T23:41:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2008-0500.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2008-0577.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/30929"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/30062"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1020427"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=445227"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43573"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2008-0500.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2008-0577.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30929"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/30062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020427"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=445227"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43573"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-255"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-1676 (GCVE-0-2008-1676)

RHSA-2008:0577

RHSA-2008_0577

RHSA-2008:0500

RHSA-2008_0500

GHSA-6434-HFF7-VGP8

GSD-2008-1676

FKIE_CVE-2008-1676

Tags

Sightings

Nomenclature