UBUNTU-CVE-2016-5404

The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission.

References

Affected packages

Ubuntu:Pro:16.04:LTS / freeipa

Package

Name: freeipa
Purl: pkg:deb/ubuntu/freeipa@4.3.1-0ubuntu1+esm1?arch=source&distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.3.1-0ubuntu1+esm1

Affected versions

4.*

4.1.4-1

4.3.1-0ubuntu1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "freeipa-admintools",
            "binary_version": "4.3.1-0ubuntu1+esm1"
        },
        {
            "binary_name": "freeipa-client",
            "binary_version": "4.3.1-0ubuntu1+esm1"
        },
        {
            "binary_name": "freeipa-common",
            "binary_version": "4.3.1-0ubuntu1+esm1"
        },
        {
            "binary_name": "freeipa-server",
            "binary_version": "4.3.1-0ubuntu1+esm1"
        },
        {
            "binary_name": "freeipa-server-dns",
            "binary_version": "4.3.1-0ubuntu1+esm1"
        },
        {
            "binary_name": "freeipa-server-trust-ad",
            "binary_version": "4.3.1-0ubuntu1+esm1"
        },
        {
            "binary_name": "freeipa-tests",
            "binary_version": "4.3.1-0ubuntu1+esm1"
        },
        {
            "binary_name": "python-ipaclient",
            "binary_version": "4.3.1-0ubuntu1+esm1"
        },
        {
            "binary_name": "python-ipalib",
            "binary_version": "4.3.1-0ubuntu1+esm1"
        },
        {
            "binary_name": "python-ipaserver",
            "binary_version": "4.3.1-0ubuntu1+esm1"
        },
        {
            "binary_name": "python-ipatests",
            "binary_version": "4.3.1-0ubuntu1+esm1"
        }
    ],
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}