PT-2013-1688 · Apache+1 · Apache Httpd+1

Patrick Raspante

Published

2013-01-04

Updated

2013-01-15

CVE-2012-4556

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Red Hat Certificate System versions prior to 8.1.3

Description The issue affects the token processing system in Red Hat Certificate System, allowing remote attackers to cause a denial of service. This is achieved by sending certain unspecified empty search fields in a user certificate search query, which can lead to the restart of the Apache httpd web server child process.

Recommendations For versions prior to 8.1.3, update to version 8.1.3 or later to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2012-4556

RHSA-2012:1550

Affected Products

Apache Httpd

Red Hat Certificate System

PT-2013-1688 · Apache+1 · Apache Httpd+1

CVE-2012-4556

Weakness Enumeration

Related Identifiers

Affected Products

References · 6