Certificate Server 7.2 in Red Hat Certificate System (RHCS) does not properly handle new revocations that occur while a Certificate Revocation List (CRL) is being generated, which might prevent certain revoked certificates from appearing on the CRL quickly and allow users with revoked certificates to bypass the intended CRL.
References
Configurations
History
21 Nov 2024, 00:36
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/40440 - | |
References | () http://secunia.com/advisories/27557 - | |
References | () http://www.redhat.com/support/errata/RHSA-2007-0934.html - | |
References | () http://www.securityfocus.com/bid/26377 - | |
References | () http://www.securitytracker.com/id?1020532 - | |
References | () http://www.vupen.com/english/advisories/2007/3405 - | |
References | () http://www.vupen.com/english/advisories/2007/3406 - | |
References | () https://rhn.redhat.com/errata/RHSA-2008-0566.html - |
Information
Published : 2007-11-06 21:46
Updated : 2024-11-21 00:36
NVD link : CVE-2007-4994
Mitre link : CVE-2007-4994
CVE.ORG link : CVE-2007-4994
JSON object : View
Products Affected
redhat
- certificate_server
CWE
CWE-255
Credentials Management Errors