Installation guide

Table 6. Errata Releases

Advisory: RHSA-2010-0837
Release Date: November 12, 2010
Description: This erratum introduces bug fixes and enhancements for SCEP operations.

CVE-2010-3868: The certificate authority allowed unauthenticated users to request that the one-time PIN in an SCEP request be decrypted. An attacker able to sniff an SCEP request from a network device could ask the certificate authority to decrypt the request and so obtain the one-time PIN. With this update, the certificate authority only handles decryption requests from authenticated registration authorities.

CVE-2010-3869: The certificate authority allowed the one-time PIN used in SCEP requests to be reused. An attacker possessing a valid SCEP enrollment one-time PIN could use it to generate an unlimited number of certificates.

CVE-2004-2761: The certificate authority used the MD5 hash algorithm to sign all SCEP protocol responses. As MD5 is not collision resistant, an attacker could use this flaw to perform an MD5 chosen-prefix collision attack and generate attacker-chosen output signed with the certificate authority's key.

This update also adds configuration attributes to enable SCEP, set SSL connection settings, and set allowed and required
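The three issues above all sit in the CA's handling of the SCEP one-time PIN and its signed responses. The following Python model is added here as an illustration; it is not code from Red Hat Certificate System or the Dogtag project. It replays the two PIN attacks against a CA object running with either the pre-erratum or the fixed policy. The keyed keystream that stands in for the PKCS#7 envelope, the CA key, the RA name "ra-1" and the device subjects are all constructed for the example.

```python
import hashlib
import secrets
from dataclasses import dataclass, field

# Hypothetical CA key material. The real CA opens the PKCS#7 EnvelopedData of
# an SCEP PKCSReq with its RSA private key; here a keyed SHA-256 keystream
# stands in for that so the example runs with the standard library only.
CA_KEY = b"hypothetical-ca-key-for-this-example"
NONCE_LEN = 16


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Derive n bytes of keystream from the CA key and a per-request nonce."""
    out = b""
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]


def seal_request(pin: str, key: bytes = CA_KEY) -> bytes:
    """Stand-in for the enveloped SCEP request a device sends over the wire."""
    nonce = secrets.token_bytes(NONCE_LEN)
    body = pin.encode()
    return nonce + bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))


def open_request(blob: bytes, key: bytes = CA_KEY) -> str:
    """The privileged operation: only the holder of the CA key can do this."""
    nonce, body = blob[:NONCE_LEN], blob[NONCE_LEN:]
    return bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body)))).decode()


class ScepPolicyError(Exception):
    pass


@dataclass
class ScepCa:
    hardened: bool                  # False reproduces the behaviour before RHSA-2010-0837
    response_hash: str = "sha256"
    registered_ras: set = field(default_factory=set)
    valid_pins: set = field(default_factory=set)
    used_pins: set = field(default_factory=set)

    def __post_init__(self):
        # CVE-2004-2761: responses were signed with MD5, which is not collision
        # resistant. The fixed CA refuses to be configured with it.
        if self.hardened and self.response_hash == "md5":
            raise ScepPolicyError("MD5 must not be used to sign SCEP responses")

    def issue_pin(self) -> str:
        pin = secrets.token_hex(8)
        self.valid_pins.add(pin)
        return pin

    def decrypt_request(self, requester: str, authenticated: bool, blob: bytes) -> str:
        # CVE-2010-3868: before the fix any caller could have a captured request
        # decrypted by the CA. The fixed CA serves only authenticated, registered RAs.
        if self.hardened and not (authenticated and requester in self.registered_ras):
            raise ScepPolicyError("decryption is offered only to authenticated RAs")
        return open_request(blob)

    def enroll(self, pin: str, subject: str) -> str:
        if pin not in self.valid_pins:
            raise ScepPolicyError("unknown PIN")
        # CVE-2010-3869: before the fix the PIN was never consumed, so one PIN
        # could enroll any number of certificates.
        if self.hardened and pin in self.used_pins:
            raise ScepPolicyError("one-time PIN already used")
        self.used_pins.add(pin)
        return f"cert:{subject}"

    def sign_response(self, payload: bytes) -> str:
        """Stand-in for signing the SCEP CertRep: digest name plus digest."""
        return f"{self.response_hash}:{hashlib.new(self.response_hash, payload).hexdigest()}"


def accepts_md5_signing(hardened: bool) -> bool:
    try:
        ScepCa(hardened=hardened, response_hash="md5")
        return True
    except ScepPolicyError:
        return False


def attack_scenario(hardened: bool) -> dict:
    """Replay the two PIN attacks from the advisory against a CA in either mode."""
    ca = ScepCa(hardened=hardened)
    ca.registered_ras.add("ra-1")            # hypothetical registered RA
    pin = ca.issue_pin()
    captured = seal_request(pin)             # what a sniffer sees on the network
    result = {"pin_recovered": False, "certs_from_one_pin": 0}

    # CVE-2010-3868: an unauthenticated party asks the CA to decrypt the capture.
    try:
        result["pin_recovered"] = ca.decrypt_request("attacker", False, captured) == pin
    except ScepPolicyError:
        pass

    # CVE-2010-3869: a party that holds a valid PIN presents it repeatedly.
    for i in range(3):
        try:
            ca.enroll(pin, f"CN=device-{i}")     # constructed subject names
            result["certs_from_one_pin"] += 1
        except ScepPolicyError:
            break
    return result


if __name__ == "__main__":
    print("before RHSA-2010-0837:", attack_scenario(False), "md5 ok:", accepts_md5_signing(False))
    print("after  RHSA-2010-0837:", attack_scenario(True), "md5 ok:", accepts_md5_signing(True))
```

Running the block shows the legacy CA handing the PIN to an unauthenticated caller and issuing three certificates on one PIN, while the fixed CA refuses the decryption request and rejects the PIN after its first use. The keystream envelope only stands in for PKCS#7 so the access-control logic can be exercised offline; it is not a cipher to reuse anywhere else.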
7. Errata Releases for Certificate System 8.0