cvelistv5 - cve-2008-3274

CVE-2008-3274 (GCVE-0-2008-3274)

Vulnerability from cvelistv5 – Published: 2008-09-12 16:00 – Updated: 2024-08-07 09:28

Summary

The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA before 1.1.1 places ldap:///anyone on the read ACL for the krbMKey attribute, which allows remote attackers to obtain the Kerberos master key via an anonymous LDAP query.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

RHSA-2008:0860

Vulnerability from csaf_redhat - Published: 2008-09-10 18:08 - Updated: 2025-11-21 17:33

Summary

Red Hat Security Advisory: ipa security update

Notes

Topic

Updated ipa packages that fix a security flaw are now available for Red Hat Enterprise IPA. This update has been rated as having important security impact by the Red Hat Security Response Team.

Details

Red Hat Enterprise IPA is an integrated solution to provide centrally-managed Identity (machines, users, virtual machines, groups, authentication credentials), Policy (configuration settings, access control information) and Audit (events, logs, analysis) services. A flaw was found in the Red Hat Enterprise IPA installation procedure. The master Kerberos password was set up in the LDAP server in such a way that it was possible to retrieve the password via an anonymous LDAP connection. (CVE-2008-3274) Note: the master Kerberos password is used to encrypt keys. This flaw does not lead to individual keys being exposed. Users of Red Hat IPA should upgrade to these updated packages and perform the operations explained in the solution to resolve this issue.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated ipa packages that fix a security flaw are now available for Red Hat\nEnterprise IPA.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Enterprise IPA is an integrated solution to provide\ncentrally-managed Identity (machines, users, virtual machines, groups,\nauthentication credentials), Policy (configuration settings, access control\ninformation) and Audit (events, logs, analysis) services.\n\nA flaw was found in the Red Hat Enterprise IPA installation procedure. The\nmaster Kerberos password was set up in the LDAP server in such a way that\nit was possible to retrieve the password via an anonymous LDAP connection.\n(CVE-2008-3274)\n\nNote: the master Kerberos password is used to encrypt keys. This flaw does\nnot lead to individual keys being exposed.\n\nUsers of Red Hat IPA should upgrade to these updated packages and perform\nthe operations explained in the solution to resolve this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2008:0860",
        "url": "https://access.redhat.com/errata/RHSA-2008:0860"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "457835",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=457835"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0860.json"
      }
    ],
    "title": "Red Hat Security Advisory: ipa security update",
    "tracking": {
      "current_release_date": "2025-11-21T17:33:48+00:00",
      "generator": {
        "date": "2025-11-21T17:33:48+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2008:0860",
      "initial_release_date": "2008-09-10T18:08:00+00:00",
      "revision_history": [
        {
          "date": "2008-09-10T18:08:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2008-09-10T14:08:10+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:33:48+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat IPA 1 for RHEL 5 Server",
                "product": {
                  "name": "Red Hat IPA 1 for RHEL 5 Server",
                  "product_id": "5Server-IPA",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_ipa:1.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise IPA"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ipa-client-0:1.0.0-23.el5ipa.x86_64",
                "product": {
                  "name": "ipa-client-0:1.0.0-23.el5ipa.x86_64",
                  "product_id": "ipa-client-0:1.0.0-23.el5ipa.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-client@1.0.0-23.el5ipa?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-admintools-0:1.0.0-23.el5ipa.x86_64",
                "product": {
                  "name": "ipa-admintools-0:1.0.0-23.el5ipa.x86_64",
                  "product_id": "ipa-admintools-0:1.0.0-23.el5ipa.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-admintools@1.0.0-23.el5ipa?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-python-0:1.0.0-23.el5ipa.x86_64",
                "product": {
                  "name": "ipa-python-0:1.0.0-23.el5ipa.x86_64",
                  "product_id": "ipa-python-0:1.0.0-23.el5ipa.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-python@1.0.0-23.el5ipa?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-debuginfo-0:1.0.0-23.el5ipa.x86_64",
                "product": {
                  "name": "ipa-debuginfo-0:1.0.0-23.el5ipa.x86_64",
                  "product_id": "ipa-debuginfo-0:1.0.0-23.el5ipa.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-debuginfo@1.0.0-23.el5ipa?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-server-selinux-0:1.0.0-23.el5ipa.x86_64",
                "product": {
                  "name": "ipa-server-selinux-0:1.0.0-23.el5ipa.x86_64",
                  "product_id": "ipa-server-selinux-0:1.0.0-23.el5ipa.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-server-selinux@1.0.0-23.el5ipa?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-server-0:1.0.0-23.el5ipa.x86_64",
                "product": {
                  "name": "ipa-server-0:1.0.0-23.el5ipa.x86_64",
                  "product_id": "ipa-server-0:1.0.0-23.el5ipa.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-server@1.0.0-23.el5ipa?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ipa-client-0:1.0.0-23.el5ipa.i386",
                "product": {
                  "name": "ipa-client-0:1.0.0-23.el5ipa.i386",
                  "product_id": "ipa-client-0:1.0.0-23.el5ipa.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-client@1.0.0-23.el5ipa?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-admintools-0:1.0.0-23.el5ipa.i386",
                "product": {
                  "name": "ipa-admintools-0:1.0.0-23.el5ipa.i386",
                  "product_id": "ipa-admintools-0:1.0.0-23.el5ipa.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-admintools@1.0.0-23.el5ipa?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-python-0:1.0.0-23.el5ipa.i386",
                "product": {
                  "name": "ipa-python-0:1.0.0-23.el5ipa.i386",
                  "product_id": "ipa-python-0:1.0.0-23.el5ipa.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-python@1.0.0-23.el5ipa?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-debuginfo-0:1.0.0-23.el5ipa.i386",
                "product": {
                  "name": "ipa-debuginfo-0:1.0.0-23.el5ipa.i386",
                  "product_id": "ipa-debuginfo-0:1.0.0-23.el5ipa.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-debuginfo@1.0.0-23.el5ipa?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-server-selinux-0:1.0.0-23.el5ipa.i386",
                "product": {
                  "name": "ipa-server-selinux-0:1.0.0-23.el5ipa.i386",
                  "product_id": "ipa-server-selinux-0:1.0.0-23.el5ipa.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-server-selinux@1.0.0-23.el5ipa?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-server-0:1.0.0-23.el5ipa.i386",
                "product": {
                  "name": "ipa-server-0:1.0.0-23.el5ipa.i386",
                  "product_id": "ipa-server-0:1.0.0-23.el5ipa.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-server@1.0.0-23.el5ipa?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ipa-0:1.0.0-23.el5ipa.src",
                "product": {
                  "name": "ipa-0:1.0.0-23.el5ipa.src",
                  "product_id": "ipa-0:1.0.0-23.el5ipa.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa@1.0.0-23.el5ipa?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-0:1.0.0-23.el5ipa.src as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-0:1.0.0-23.el5ipa.src"
        },
        "product_reference": "ipa-0:1.0.0-23.el5ipa.src",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-admintools-0:1.0.0-23.el5ipa.i386 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-admintools-0:1.0.0-23.el5ipa.i386"
        },
        "product_reference": "ipa-admintools-0:1.0.0-23.el5ipa.i386",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-admintools-0:1.0.0-23.el5ipa.x86_64 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-admintools-0:1.0.0-23.el5ipa.x86_64"
        },
        "product_reference": "ipa-admintools-0:1.0.0-23.el5ipa.x86_64",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-client-0:1.0.0-23.el5ipa.i386 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-client-0:1.0.0-23.el5ipa.i386"
        },
        "product_reference": "ipa-client-0:1.0.0-23.el5ipa.i386",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-client-0:1.0.0-23.el5ipa.x86_64 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-client-0:1.0.0-23.el5ipa.x86_64"
        },
        "product_reference": "ipa-client-0:1.0.0-23.el5ipa.x86_64",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-debuginfo-0:1.0.0-23.el5ipa.i386 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-debuginfo-0:1.0.0-23.el5ipa.i386"
        },
        "product_reference": "ipa-debuginfo-0:1.0.0-23.el5ipa.i386",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-debuginfo-0:1.0.0-23.el5ipa.x86_64 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-debuginfo-0:1.0.0-23.el5ipa.x86_64"
        },
        "product_reference": "ipa-debuginfo-0:1.0.0-23.el5ipa.x86_64",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-python-0:1.0.0-23.el5ipa.i386 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-python-0:1.0.0-23.el5ipa.i386"
        },
        "product_reference": "ipa-python-0:1.0.0-23.el5ipa.i386",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-python-0:1.0.0-23.el5ipa.x86_64 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-python-0:1.0.0-23.el5ipa.x86_64"
        },
        "product_reference": "ipa-python-0:1.0.0-23.el5ipa.x86_64",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-server-0:1.0.0-23.el5ipa.i386 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-server-0:1.0.0-23.el5ipa.i386"
        },
        "product_reference": "ipa-server-0:1.0.0-23.el5ipa.i386",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-server-0:1.0.0-23.el5ipa.x86_64 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-server-0:1.0.0-23.el5ipa.x86_64"
        },
        "product_reference": "ipa-server-0:1.0.0-23.el5ipa.x86_64",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-server-selinux-0:1.0.0-23.el5ipa.i386 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-server-selinux-0:1.0.0-23.el5ipa.i386"
        },
        "product_reference": "ipa-server-selinux-0:1.0.0-23.el5ipa.i386",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-server-selinux-0:1.0.0-23.el5ipa.x86_64 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-server-selinux-0:1.0.0-23.el5ipa.x86_64"
        },
        "product_reference": "ipa-server-selinux-0:1.0.0-23.el5ipa.x86_64",
        "relates_to_product_reference": "5Server-IPA"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2008-3274",
      "discovery_date": "2008-08-04T00:00:00+00:00",
      "notes": [
        {
          "category": "description",
          "text": "The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA before 1.1.1 places ldap:///anyone on the read ACL for the krbMKey attribute, which allows remote attackers to obtain the Kerberos master key via an anonymous LDAP query.",
          "title": "Vulnerability description"
        },
        {
          "category": "other",
          "text": "Red Hat Product Security has determined that this vulnerability does not affect any currently supported Red Hat product. This assessment may evolve based on further analysis and discovery. For more information about this vulnerability and the products it affects, please see the linked references.",
          "title": "Statement"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-IPA:ipa-0:1.0.0-23.el5ipa.src",
          "5Server-IPA:ipa-admintools-0:1.0.0-23.el5ipa.i386",
          "5Server-IPA:ipa-admintools-0:1.0.0-23.el5ipa.x86_64",
          "5Server-IPA:ipa-client-0:1.0.0-23.el5ipa.i386",
          "5Server-IPA:ipa-client-0:1.0.0-23.el5ipa.x86_64",
          "5Server-IPA:ipa-debuginfo-0:1.0.0-23.el5ipa.i386",
          "5Server-IPA:ipa-debuginfo-0:1.0.0-23.el5ipa.x86_64",
          "5Server-IPA:ipa-python-0:1.0.0-23.el5ipa.i386",
          "5Server-IPA:ipa-python-0:1.0.0-23.el5ipa.x86_64",
          "5Server-IPA:ipa-server-0:1.0.0-23.el5ipa.i386",
          "5Server-IPA:ipa-server-0:1.0.0-23.el5ipa.x86_64",
          "5Server-IPA:ipa-server-selinux-0:1.0.0-23.el5ipa.i386",
          "5Server-IPA:ipa-server-selinux-0:1.0.0-23.el5ipa.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2008-3274"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2008-3274",
          "url": "https://www.cve.org/CVERecord?id=CVE-2008-3274"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3274",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3274"
        }
      ],
      "release_date": "2008-09-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2008-09-10T18:08:00+00:00",
          "details": "To fully resolve this problem, you need to manually perform the following\nsteps after installing the updated packages:\n\nDisclaimer: The following procedure performs critical, low-level operations\non your IPA system, and it is imperative that you back up your system\nbefore carrying out any of the following steps. A failure during this\nprocedure may compromise the readability of all or part of your Kerberos\nkeys.\n\n1. Upgrade all of your servers (masters and replicas) and restart the\ndirsrv service on all of them. No other daemon needs to be restarted at\nthis stage.\n\n2. On one master server, run the following tool:\n    $ ipa-fix-2008-3274 --check\n\nThis should report that the system is vulnerable.\n\n3. On the same master server, run the following tool:\n    $ ipa-fix-2008-3274 --fix\n\nThis should dump all Kerberos principals, reload them, and then return a \nmessage stating that the operation completed successfully. If not, you\nshould contact Red Hat GSS for immediate assistance.\n\nThis step should also create a .gpg file symmetrically-encrypted with the \nDirectory Manager password. This file contains a backup of all Kerberos \nkey material and is written to /var/lib/ipa/.\n\nAttention: DO NOT RUN THIS COMMAND ON ANY OTHER SERVER. See the next step.\n\n4. On all other IPA servers, run the following tool:\n    $ ipa-fix-2008-3274 --fix-replica\n\nThis will report that the system is NOT vulnerable and will then download\nthe master key for the local KDC instance. This command will restart the\nKDC service.\n\nIf the command reports a system as anything other than not vulnerable,\nverify that replication between masters is working correctly. The procedure\nwill not successfully complete until replication failures are addressed.\n\nBefore applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
          "product_ids": [
            "5Server-IPA:ipa-0:1.0.0-23.el5ipa.src",
            "5Server-IPA:ipa-admintools-0:1.0.0-23.el5ipa.i386",
            "5Server-IPA:ipa-admintools-0:1.0.0-23.el5ipa.x86_64",
            "5Server-IPA:ipa-client-0:1.0.0-23.el5ipa.i386",
            "5Server-IPA:ipa-client-0:1.0.0-23.el5ipa.x86_64",
            "5Server-IPA:ipa-debuginfo-0:1.0.0-23.el5ipa.i386",
            "5Server-IPA:ipa-debuginfo-0:1.0.0-23.el5ipa.x86_64",
            "5Server-IPA:ipa-python-0:1.0.0-23.el5ipa.i386",
            "5Server-IPA:ipa-python-0:1.0.0-23.el5ipa.x86_64",
            "5Server-IPA:ipa-server-0:1.0.0-23.el5ipa.i386",
            "5Server-IPA:ipa-server-0:1.0.0-23.el5ipa.x86_64",
            "5Server-IPA:ipa-server-selinux-0:1.0.0-23.el5ipa.i386",
            "5Server-IPA:ipa-server-selinux-0:1.0.0-23.el5ipa.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2008:0860"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "IPA Kerberos master password disclosure"
    }
  ]
}

RHSA-2008_0860

Vulnerability from csaf_redhat - Published: 2008-09-10 18:08 - Updated: 2024-11-22 02:13

Summary

Red Hat Security Advisory: ipa security update

Notes

Topic

Updated ipa packages that fix a security flaw are now available for Red Hat Enterprise IPA. This update has been rated as having important security impact by the Red Hat Security Response Team.

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated ipa packages that fix a security flaw are now available for Red Hat\nEnterprise IPA.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Enterprise IPA is an integrated solution to provide\ncentrally-managed Identity (machines, users, virtual machines, groups,\nauthentication credentials), Policy (configuration settings, access control\ninformation) and Audit (events, logs, analysis) services.\n\nA flaw was found in the Red Hat Enterprise IPA installation procedure. The\nmaster Kerberos password was set up in the LDAP server in such a way that\nit was possible to retrieve the password via an anonymous LDAP connection.\n(CVE-2008-3274)\n\nNote: the master Kerberos password is used to encrypt keys. This flaw does\nnot lead to individual keys being exposed.\n\nUsers of Red Hat IPA should upgrade to these updated packages and perform\nthe operations explained in the solution to resolve this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2008:0860",
        "url": "https://access.redhat.com/errata/RHSA-2008:0860"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "457835",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=457835"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0860.json"
      }
    ],
    "title": "Red Hat Security Advisory: ipa security update",
    "tracking": {
      "current_release_date": "2024-11-22T02:13:13+00:00",
      "generator": {
        "date": "2024-11-22T02:13:13+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2008:0860",
      "initial_release_date": "2008-09-10T18:08:00+00:00",
      "revision_history": [
        {
          "date": "2008-09-10T18:08:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2008-09-10T14:08:10+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T02:13:13+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat IPA 1 for RHEL 5 Server",
                "product": {
                  "name": "Red Hat IPA 1 for RHEL 5 Server",
                  "product_id": "5Server-IPA",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_ipa:1.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise IPA"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ipa-client-0:1.0.0-23.el5ipa.x86_64",
                "product": {
                  "name": "ipa-client-0:1.0.0-23.el5ipa.x86_64",
                  "product_id": "ipa-client-0:1.0.0-23.el5ipa.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-client@1.0.0-23.el5ipa?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-admintools-0:1.0.0-23.el5ipa.x86_64",
                "product": {
                  "name": "ipa-admintools-0:1.0.0-23.el5ipa.x86_64",
                  "product_id": "ipa-admintools-0:1.0.0-23.el5ipa.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-admintools@1.0.0-23.el5ipa?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-python-0:1.0.0-23.el5ipa.x86_64",
                "product": {
                  "name": "ipa-python-0:1.0.0-23.el5ipa.x86_64",
                  "product_id": "ipa-python-0:1.0.0-23.el5ipa.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-python@1.0.0-23.el5ipa?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-debuginfo-0:1.0.0-23.el5ipa.x86_64",
                "product": {
                  "name": "ipa-debuginfo-0:1.0.0-23.el5ipa.x86_64",
                  "product_id": "ipa-debuginfo-0:1.0.0-23.el5ipa.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-debuginfo@1.0.0-23.el5ipa?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-server-selinux-0:1.0.0-23.el5ipa.x86_64",
                "product": {
                  "name": "ipa-server-selinux-0:1.0.0-23.el5ipa.x86_64",
                  "product_id": "ipa-server-selinux-0:1.0.0-23.el5ipa.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-server-selinux@1.0.0-23.el5ipa?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-server-0:1.0.0-23.el5ipa.x86_64",
                "product": {
                  "name": "ipa-server-0:1.0.0-23.el5ipa.x86_64",
                  "product_id": "ipa-server-0:1.0.0-23.el5ipa.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-server@1.0.0-23.el5ipa?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ipa-client-0:1.0.0-23.el5ipa.i386",
                "product": {
                  "name": "ipa-client-0:1.0.0-23.el5ipa.i386",
                  "product_id": "ipa-client-0:1.0.0-23.el5ipa.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-client@1.0.0-23.el5ipa?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-admintools-0:1.0.0-23.el5ipa.i386",
                "product": {
                  "name": "ipa-admintools-0:1.0.0-23.el5ipa.i386",
                  "product_id": "ipa-admintools-0:1.0.0-23.el5ipa.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-admintools@1.0.0-23.el5ipa?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-python-0:1.0.0-23.el5ipa.i386",
                "product": {
                  "name": "ipa-python-0:1.0.0-23.el5ipa.i386",
                  "product_id": "ipa-python-0:1.0.0-23.el5ipa.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-python@1.0.0-23.el5ipa?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-debuginfo-0:1.0.0-23.el5ipa.i386",
                "product": {
                  "name": "ipa-debuginfo-0:1.0.0-23.el5ipa.i386",
                  "product_id": "ipa-debuginfo-0:1.0.0-23.el5ipa.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-debuginfo@1.0.0-23.el5ipa?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-server-selinux-0:1.0.0-23.el5ipa.i386",
                "product": {
                  "name": "ipa-server-selinux-0:1.0.0-23.el5ipa.i386",
                  "product_id": "ipa-server-selinux-0:1.0.0-23.el5ipa.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-server-selinux@1.0.0-23.el5ipa?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ipa-server-0:1.0.0-23.el5ipa.i386",
                "product": {
                  "name": "ipa-server-0:1.0.0-23.el5ipa.i386",
                  "product_id": "ipa-server-0:1.0.0-23.el5ipa.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa-server@1.0.0-23.el5ipa?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ipa-0:1.0.0-23.el5ipa.src",
                "product": {
                  "name": "ipa-0:1.0.0-23.el5ipa.src",
                  "product_id": "ipa-0:1.0.0-23.el5ipa.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ipa@1.0.0-23.el5ipa?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-0:1.0.0-23.el5ipa.src as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-0:1.0.0-23.el5ipa.src"
        },
        "product_reference": "ipa-0:1.0.0-23.el5ipa.src",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-admintools-0:1.0.0-23.el5ipa.i386 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-admintools-0:1.0.0-23.el5ipa.i386"
        },
        "product_reference": "ipa-admintools-0:1.0.0-23.el5ipa.i386",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-admintools-0:1.0.0-23.el5ipa.x86_64 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-admintools-0:1.0.0-23.el5ipa.x86_64"
        },
        "product_reference": "ipa-admintools-0:1.0.0-23.el5ipa.x86_64",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-client-0:1.0.0-23.el5ipa.i386 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-client-0:1.0.0-23.el5ipa.i386"
        },
        "product_reference": "ipa-client-0:1.0.0-23.el5ipa.i386",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-client-0:1.0.0-23.el5ipa.x86_64 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-client-0:1.0.0-23.el5ipa.x86_64"
        },
        "product_reference": "ipa-client-0:1.0.0-23.el5ipa.x86_64",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-debuginfo-0:1.0.0-23.el5ipa.i386 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-debuginfo-0:1.0.0-23.el5ipa.i386"
        },
        "product_reference": "ipa-debuginfo-0:1.0.0-23.el5ipa.i386",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-debuginfo-0:1.0.0-23.el5ipa.x86_64 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-debuginfo-0:1.0.0-23.el5ipa.x86_64"
        },
        "product_reference": "ipa-debuginfo-0:1.0.0-23.el5ipa.x86_64",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-python-0:1.0.0-23.el5ipa.i386 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-python-0:1.0.0-23.el5ipa.i386"
        },
        "product_reference": "ipa-python-0:1.0.0-23.el5ipa.i386",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-python-0:1.0.0-23.el5ipa.x86_64 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-python-0:1.0.0-23.el5ipa.x86_64"
        },
        "product_reference": "ipa-python-0:1.0.0-23.el5ipa.x86_64",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-server-0:1.0.0-23.el5ipa.i386 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-server-0:1.0.0-23.el5ipa.i386"
        },
        "product_reference": "ipa-server-0:1.0.0-23.el5ipa.i386",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-server-0:1.0.0-23.el5ipa.x86_64 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-server-0:1.0.0-23.el5ipa.x86_64"
        },
        "product_reference": "ipa-server-0:1.0.0-23.el5ipa.x86_64",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-server-selinux-0:1.0.0-23.el5ipa.i386 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-server-selinux-0:1.0.0-23.el5ipa.i386"
        },
        "product_reference": "ipa-server-selinux-0:1.0.0-23.el5ipa.i386",
        "relates_to_product_reference": "5Server-IPA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ipa-server-selinux-0:1.0.0-23.el5ipa.x86_64 as a component of Red Hat IPA 1 for RHEL 5 Server",
          "product_id": "5Server-IPA:ipa-server-selinux-0:1.0.0-23.el5ipa.x86_64"
        },
        "product_reference": "ipa-server-selinux-0:1.0.0-23.el5ipa.x86_64",
        "relates_to_product_reference": "5Server-IPA"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2008-3274",
      "discovery_date": "2008-08-04T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "457835"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA before 1.1.1 places ldap:///anyone on the read ACL for the krbMKey attribute, which allows remote attackers to obtain the Kerberos master key via an anonymous LDAP query.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "IPA Kerberos master password disclosure",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-IPA:ipa-0:1.0.0-23.el5ipa.src",
          "5Server-IPA:ipa-admintools-0:1.0.0-23.el5ipa.i386",
          "5Server-IPA:ipa-admintools-0:1.0.0-23.el5ipa.x86_64",
          "5Server-IPA:ipa-client-0:1.0.0-23.el5ipa.i386",
          "5Server-IPA:ipa-client-0:1.0.0-23.el5ipa.x86_64",
          "5Server-IPA:ipa-debuginfo-0:1.0.0-23.el5ipa.i386",
          "5Server-IPA:ipa-debuginfo-0:1.0.0-23.el5ipa.x86_64",
          "5Server-IPA:ipa-python-0:1.0.0-23.el5ipa.i386",
          "5Server-IPA:ipa-python-0:1.0.0-23.el5ipa.x86_64",
          "5Server-IPA:ipa-server-0:1.0.0-23.el5ipa.i386",
          "5Server-IPA:ipa-server-0:1.0.0-23.el5ipa.x86_64",
          "5Server-IPA:ipa-server-selinux-0:1.0.0-23.el5ipa.i386",
          "5Server-IPA:ipa-server-selinux-0:1.0.0-23.el5ipa.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2008-3274"
        },
        {
          "category": "external",
          "summary": "RHBZ#457835",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=457835"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2008-3274",
          "url": "https://www.cve.org/CVERecord?id=CVE-2008-3274"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3274",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3274"
        }
      ],
      "release_date": "2008-09-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2008-09-10T18:08:00+00:00",
          "details": "To fully resolve this problem, you need to manually perform the following\nsteps after installing the updated packages:\n\nDisclaimer: The following procedure performs critical, low-level operations\non your IPA system, and it is imperative that you back up your system\nbefore carrying out any of the following steps. A failure during this\nprocedure may compromise the readability of all or part of your Kerberos\nkeys.\n\n1. Upgrade all of your servers (masters and replicas) and restart the\ndirsrv service on all of them. No other daemon needs to be restarted at\nthis stage.\n\n2. On one master server, run the following tool:\n    $ ipa-fix-2008-3274 --check\n\nThis should report that the system is vulnerable.\n\n3. On the same master server, run the following tool:\n    $ ipa-fix-2008-3274 --fix\n\nThis should dump all Kerberos principals, reload them, and then return a \nmessage stating that the operation completed successfully. If not, you\nshould contact Red Hat GSS for immediate assistance.\n\nThis step should also create a .gpg file symmetrically-encrypted with the \nDirectory Manager password. This file contains a backup of all Kerberos \nkey material and is written to /var/lib/ipa/.\n\nAttention: DO NOT RUN THIS COMMAND ON ANY OTHER SERVER. See the next step.\n\n4. On all other IPA servers, run the following tool:\n    $ ipa-fix-2008-3274 --fix-replica\n\nThis will report that the system is NOT vulnerable and will then download\nthe master key for the local KDC instance. This command will restart the\nKDC service.\n\nIf the command reports a system as anything other than not vulnerable,\nverify that replication between masters is working correctly. The procedure\nwill not successfully complete until replication failures are addressed.\n\nBefore applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
          "product_ids": [
            "5Server-IPA:ipa-0:1.0.0-23.el5ipa.src",
            "5Server-IPA:ipa-admintools-0:1.0.0-23.el5ipa.i386",
            "5Server-IPA:ipa-admintools-0:1.0.0-23.el5ipa.x86_64",
            "5Server-IPA:ipa-client-0:1.0.0-23.el5ipa.i386",
            "5Server-IPA:ipa-client-0:1.0.0-23.el5ipa.x86_64",
            "5Server-IPA:ipa-debuginfo-0:1.0.0-23.el5ipa.i386",
            "5Server-IPA:ipa-debuginfo-0:1.0.0-23.el5ipa.x86_64",
            "5Server-IPA:ipa-python-0:1.0.0-23.el5ipa.i386",
            "5Server-IPA:ipa-python-0:1.0.0-23.el5ipa.x86_64",
            "5Server-IPA:ipa-server-0:1.0.0-23.el5ipa.i386",
            "5Server-IPA:ipa-server-0:1.0.0-23.el5ipa.x86_64",
            "5Server-IPA:ipa-server-selinux-0:1.0.0-23.el5ipa.i386",
            "5Server-IPA:ipa-server-selinux-0:1.0.0-23.el5ipa.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2008:0860"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "IPA Kerberos master password disclosure"
    }
  ]
}

GSD-2008-3274

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2008-3274

Aliases

CVE-2008-3274

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-3274",
    "description": "The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA before 1.1.1 places ldap:///anyone on the read ACL for the krbMKey attribute, which allows remote attackers to obtain the Kerberos master key via an anonymous LDAP query.",
    "id": "GSD-2008-3274",
    "references": [
      "https://access.redhat.com/errata/RHSA-2008:0860"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-3274"
      ],
      "details": "The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA before 1.1.1 places ldap:///anyone on the read ACL for the krbMKey attribute, which allows remote attackers to obtain the Kerberos master key via an anonymous LDAP query.",
      "id": "GSD-2008-3274",
      "modified": "2023-12-13T01:23:06.093059Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2008-3274",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA before 1.1.1 places ldap:///anyone on the read ACL for the krbMKey attribute, which allows remote attackers to obtain the Kerberos master key via an anonymous LDAP query."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://git.fedorahosted.org/git/freeipa.git/?p=freeipa.git%3Ba=commit%3Bh=9932887f2af38b9701efec27707648c026ec445c",
            "refsource": "MISC",
            "url": "http://git.fedorahosted.org/git/freeipa.git/?p=freeipa.git%3Ba=commit%3Bh=9932887f2af38b9701efec27707648c026ec445c"
          },
          {
            "name": "http://rhn.redhat.com/errata/RHSA-2008-0860.html",
            "refsource": "MISC",
            "url": "http://rhn.redhat.com/errata/RHSA-2008-0860.html"
          },
          {
            "name": "http://secunia.com/advisories/31861",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/31861"
          },
          {
            "name": "http://www.freeipa.org/page/CVE-2008-3274",
            "refsource": "MISC",
            "url": "http://www.freeipa.org/page/CVE-2008-3274"
          },
          {
            "name": "http://www.freeipa.org/page/Downloads",
            "refsource": "MISC",
            "url": "http://www.freeipa.org/page/Downloads"
          },
          {
            "name": "http://www.freeipa.org/page/News",
            "refsource": "MISC",
            "url": "http://www.freeipa.org/page/News"
          },
          {
            "name": "http://www.securityfocus.com/bid/31111",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/31111"
          },
          {
            "name": "http://www.securitytracker.com/id?1020850",
            "refsource": "MISC",
            "url": "http://www.securitytracker.com/id?1020850"
          },
          {
            "name": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00733.html",
            "refsource": "MISC",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00733.html"
          },
          {
            "name": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00743.html",
            "refsource": "MISC",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00743.html"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=457835",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=457835"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:redhat:freeipa:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.1.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:freeipa:0.99:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:enterprise_ipa:1.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:freeipa:1.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2008-3274"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA before 1.1.1 places ldap:///anyone on the read ACL for the krbMKey attribute, which allows remote attackers to obtain the Kerberos master key via an anonymous LDAP query."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.freeipa.org/page/News",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.freeipa.org/page/News"
            },
            {
              "name": "31111",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/31111"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=457835",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=457835"
            },
            {
              "name": "RHSA-2008:0860",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2008-0860.html"
            },
            {
              "name": "http://www.freeipa.org/page/Downloads",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.freeipa.org/page/Downloads"
            },
            {
              "name": "http://www.freeipa.org/page/CVE-2008-3274",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://www.freeipa.org/page/CVE-2008-3274"
            },
            {
              "name": "31861",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/31861"
            },
            {
              "name": "FEDORA-2008-7987",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00733.html"
            },
            {
              "name": "FEDORA-2008-8003",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00743.html"
            },
            {
              "name": "1020850",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1020850"
            },
            {
              "name": "http://git.fedorahosted.org/git/freeipa.git/?p=freeipa.git%3Ba=commit%3Bh=9932887f2af38b9701efec27707648c026ec445c",
              "refsource": "MISC",
              "tags": [],
              "url": "http://git.fedorahosted.org/git/freeipa.git/?p=freeipa.git%3Ba=commit%3Bh=9932887f2af38b9701efec27707648c026ec445c"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2023-02-13T02:19Z",
      "publishedDate": "2008-09-12T16:56Z"
    }
  }
}

GHSA-8W34-C24H-WVP3

Vulnerability from github – Published: 2022-05-01 23:58 – Updated: 2022-05-01 23:58

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-3274"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-09-12T16:56:00Z",
    "severity": "MODERATE"
  },
  "details": "The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA before 1.1.1 places ldap:///anyone on the read ACL for the krbMKey attribute, which allows remote attackers to obtain the Kerberos master key via an anonymous LDAP query.",
  "id": "GHSA-8w34-c24h-wvp3",
  "modified": "2022-05-01T23:58:23Z",
  "published": "2022-05-01T23:58:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3274"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=457835"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00733.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00743.html"
    },
    {
      "type": "WEB",
      "url": "http://git.fedorahosted.org/git/freeipa.git/?p=freeipa.git%3Ba=commit%3Bh=9932887f2af38b9701efec27707648c026ec445c"
    },
    {
      "type": "WEB",
      "url": "http://git.fedorahosted.org/git/freeipa.git/?p=freeipa.git;a=commit;h=9932887f2af38b9701efec27707648c026ec445c"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2008-0860.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31861"
    },
    {
      "type": "WEB",
      "url": "http://www.freeipa.org/page/CVE-2008-3274"
    },
    {
      "type": "WEB",
      "url": "http://www.freeipa.org/page/Downloads"
    },
    {
      "type": "WEB",
      "url": "http://www.freeipa.org/page/News"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/31111"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020850"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2008-3274

Vulnerability from fkie_nvd - Published: 2008-09-12 16:56 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://git.fedorahosted.org/git/freeipa.git/?p=freeipa.git%3Ba=commit%3Bh=9932887f2af38b9701efec27707648c026ec445c
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2008-0860.html
secalert@redhat.com	http://secunia.com/advisories/31861
secalert@redhat.com	http://www.freeipa.org/page/CVE-2008-3274	Patch
secalert@redhat.com	http://www.freeipa.org/page/Downloads
secalert@redhat.com	http://www.freeipa.org/page/News
secalert@redhat.com	http://www.securityfocus.com/bid/31111
secalert@redhat.com	http://www.securitytracker.com/id?1020850
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=457835
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00733.html
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00743.html
af854a3a-2127-422b-91ae-364da2661108	http://git.fedorahosted.org/git/freeipa.git/?p=freeipa.git%3Ba=commit%3Bh=9932887f2af38b9701efec27707648c026ec445c
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2008-0860.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31861
af854a3a-2127-422b-91ae-364da2661108	http://www.freeipa.org/page/CVE-2008-3274	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.freeipa.org/page/Downloads
af854a3a-2127-422b-91ae-364da2661108	http://www.freeipa.org/page/News
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/31111
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1020850
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=457835
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00733.html
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00743.html

Impacted products

Vendor	Product	Version
redhat	enterprise_ipa	1.0.0
redhat	freeipa	*
redhat	freeipa	0.99
redhat	freeipa	1.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:enterprise_ipa:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "875F2D78-7C9F-40D1-AA33-6D983CE5577E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:freeipa:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBA7BABF-316F-4B56-8A06-99118BE39754",
              "versionEndIncluding": "1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:freeipa:0.99:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF233FD1-3592-4D75-B941-79CCF00D22D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:freeipa:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "03F76D90-B63A-4169-9FB4-06A027D401C7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA before 1.1.1 places ldap:///anyone on the read ACL for the krbMKey attribute, which allows remote attackers to obtain the Kerberos master key via an anonymous LDAP query."
    },
    {
      "lang": "es",
      "value": "La configuraci\u00f3n por defecto de Red Hat Enterprise IPA versi\u00f3n 1.0.0 y FreeIPA versiones anteriores a 1.1.1 pone ldap:///anyone en la ACL de lectura para el atributo krbMKey, lo que permite a atacantes remotos obtener la clave maestra de Kerberos utilizando una consulta LDAP an\u00f3nima."
    }
  ],
  "id": "CVE-2008-3274",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-09-12T16:56:20.477",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://git.fedorahosted.org/git/freeipa.git/?p=freeipa.git%3Ba=commit%3Bh=9932887f2af38b9701efec27707648c026ec445c"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2008-0860.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31861"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.freeipa.org/page/CVE-2008-3274"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.freeipa.org/page/Downloads"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.freeipa.org/page/News"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/31111"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1020850"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=457835"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00733.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00743.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.fedorahosted.org/git/freeipa.git/?p=freeipa.git%3Ba=commit%3Bh=9932887f2af38b9701efec27707648c026ec445c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2008-0860.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31861"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.freeipa.org/page/CVE-2008-3274"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.freeipa.org/page/Downloads"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.freeipa.org/page/News"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/31111"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020850"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=457835"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00733.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00743.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-3274 (GCVE-0-2008-3274)

RHSA-2008:0860

RHSA-2008_0860

GSD-2008-3274

GHSA-8W34-C24H-WVP3

FKIE_CVE-2008-3274

Tags

Sightings

Nomenclature