Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4994

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-4994
Last Modified 07 Mar 2011 09:59:53
Published 06 Nov 2007 04:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4994

Summary

Certificate Server 7.2 in Red Hat Certificate System (RHCS) does not properly handle new revocations that occur while a Certificate Revocation List (CRL) is being generated, which might prevent certain revoked certificates from appearing on the CRL quickly and allow users with revoked certificates to bypass the intended CRL.

Vulnerable Systems

Application

  • Redhat Certificate Server 7.2


References

REDHAT - RHSA-2008:0566

VUPEN - ADV-2007-3406

VUPEN - ADV-2007-3405

SECTRACK - 1020532

REDHAT - RHSA-2007:0934

OSVDB - 40440

BID - 26377

SECUNIA - 27557


Last Updated: 27 May 2016 10:46:02