CVE-2012-5484

Published: Jan 27, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=31e41eea6c2322689826e6065ceba82551c565aa

x_refsource_CONFIRM

http://www.freeipa.org/page/CVE-2012-5484

x_refsource_CONFIRM

http://www.freeipa.org/page/Releases/3.1.2

x_refsource_CONFIRM

http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=a1991aeac19c3fec1fdd0d184c6760c90c9f9fc9

x_refsource_CONFIRM

http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=18eea90ebb24a9c22248f0b7e18646cc6e3e3e0f

x_refsource_CONFIRM

RHSA-2013:0188

vendor-advisory

x_refsource_REDHAT

http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=91f4af7e6af53e1c6bf17ed36cb2161863eddae4

x_refsource_CONFIRM

http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=a40285c5a0288669b72f9d991508d4405885bffc

x_refsource_CONFIRM

RHSA-2013:0189

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-5484

Description

Affected Products

References