pki-core-9.0.3-30.AXS4
エラータID: AXSA:2013-181:01
リリース日:
2013/03/19 Tuesday - 20:16
題名:
pki-core-9.0.3-30.AXS4
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- Red Hat Certificate System (RHCS) には,displayCRL スクリプトへ渡す (1) pageStart,(2) pageSize あるいは (3) profileProcess スクリプトへ渡す nonce 変数によって,リモートの攻撃者が任意の Web スクリプトや HTML を注入する脆弱性があります。 (CVE-2012-4543)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2012-4543
Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.
Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.
追加情報:
N/A
ダウンロード:
SRPMS
- pki-core-9.0.3-30.AXS4.src.rpm
MD5: 4d49d7c092e8e2aa023d25be928c0d17
SHA-256: 890f3c4fb45b1f290312e4d2326786584a7a7315f07ba7dac58f2a33698eb609
Size: 2.31 MB
Asianux Server 4 for x86
- pki-native-tools-9.0.3-30.AXS4.i686.rpm
MD5: 362561d4861f02907c16f1610c1c958f
SHA-256: 5b1e6dec710bfdc8a2b7a25bcf01c66f9f40953a0e7e646d476aafecd1a19eb4
Size: 123.26 kB - pki-symkey-9.0.3-30.AXS4.i686.rpm
MD5: 30343f0e276b527cf45ddcfeff2d8330
SHA-256: 4e5efec9c4f86d7f0823633b005633c5a542655a2368315f27d156069bf3a948
Size: 56.11 kB - pki-ca-9.0.3-30.AXS4.noarch.rpm
MD5: 24343e3ddb33d33a49b2126ba91926fc
SHA-256: cc0ff01046dbf2fcfeceaaff829885f2458344ba4f82c6b8782a1fe21ca3326c
Size: 205.05 kB - pki-common-9.0.3-30.AXS4.noarch.rpm
MD5: 0a805984bdb5424c62307985c19d8293
SHA-256: 6d8497882c2a6801dbf950026970cbe0653ccf47f9d407d931389cb8d8e37c9b
Size: 2.26 MB - pki-java-tools-9.0.3-30.AXS4.noarch.rpm
MD5: 7a17e6d69eab519c0c13c0ae8f381ed7
SHA-256: 5de9d45ca0434108fca981efd3f121f4eb069aea3bd171dac9f3a00d07de1c77
Size: 123.45 kB - pki-selinux-9.0.3-30.AXS4.noarch.rpm
MD5: 5bec1c351f4a6bdda97a369559b94421
SHA-256: 74f9af8aebfe3e4c59c3b3768d7ee32817319f2aa0df627d98a973047b5aedbb
Size: 61.89 kB - pki-setup-9.0.3-30.AXS4.noarch.rpm
MD5: 3fb3ca56e11ff4e3574f9f791c2b2a30
SHA-256: 9b536973ffcbae7a5e7271b41033b39689ae8820d60d04437174ebc12a5d1ff4
Size: 80.17 kB - pki-silent-9.0.3-30.AXS4.noarch.rpm
MD5: ee5221a29d2012f90cb0461e2a3d93f3
SHA-256: fb7694341105056ddc328e89acf2f0f132d35e7cadec43e716480042d0ede596
Size: 265.86 kB - pki-util-9.0.3-30.AXS4.noarch.rpm
MD5: 7b95af906c6ea5231d235e0d43e4e426
SHA-256: ec6707aae659f835775ca5895838d173cb20c047f0efcb5ccd7de1fc0ad1b800
Size: 492.37 kB
Asianux Server 4 for x86_64
- pki-native-tools-9.0.3-30.AXS4.x86_64.rpm
MD5: f7175e5f51c56dcac289c1b6bc4a6b1d
SHA-256: dcc16c55c8773fd4b2f0a0d5809e519ac5f9f0be5394fa07099b7f0bdb633380
Size: 121.06 kB - pki-symkey-9.0.3-30.AXS4.x86_64.rpm
MD5: e22e411689b74dbdd083d28b411df977
SHA-256: 9a683c141f2f2819de7d29828b8a4319930f052de1a606775b633b427ea1f949
Size: 54.84 kB - pki-ca-9.0.3-30.AXS4.noarch.rpm
MD5: d31f38f00264a3c81f98d32c03113579
SHA-256: fee8e6ed9a792f10f6c2ccfa3055d6eaaa9368e80097cd6d1b942c47cd63e31f
Size: 204.61 kB - pki-common-9.0.3-30.AXS4.noarch.rpm
MD5: fed371fdfea39cc6aa0b096fbfb29d66
SHA-256: fcbaeeead429cbedd722804a12905d615a2289147650354040f65503eef784e0
Size: 2.26 MB - pki-java-tools-9.0.3-30.AXS4.noarch.rpm
MD5: cfeae6f28f9ee72597d48837df15457e
SHA-256: 3ffd4088450b0838dd149048d99150e7b855b3c459ddea32625d3e0d0ad0110d
Size: 123.00 kB - pki-selinux-9.0.3-30.AXS4.noarch.rpm
MD5: 9ff2a1ac741ee3777f1365e371207623
SHA-256: 555c0802e1b98efa2156221d2bf8211c9aa7eff520bbcd3615de119fd4ec5c76
Size: 61.40 kB - pki-setup-9.0.3-30.AXS4.noarch.rpm
MD5: ba06e283fc0f01b9f708fcaa146a7faf
SHA-256: 6e7915d2c46d6650c69bd9bea064a5e61fc6fc1887e56c1dfc84be7d98659b03
Size: 79.73 kB - pki-silent-9.0.3-30.AXS4.noarch.rpm
MD5: bfcd7532e1f1320a6c6f7f1fab1c55d6
SHA-256: c724813af31be0f775b09f7fa398507db80ff628b91c08b35a9ed0396b641d48
Size: 265.41 kB - pki-util-9.0.3-30.AXS4.noarch.rpm
MD5: 378f8cdceb41b4e9e3a4632ed84259a5
SHA-256: 58e853ece65d8caa395a80672094d887c821101c656cc56e58185e7a140bcfdb
Size: 491.92 kB