MiracleLinux 4 : ipa-3.0.0-47.0.1.AXS4 (AXSA:2015-419:01)

medium Nessus Plugin ID 289793

Synopsis

The remote MiracleLinux host is missing one or more security updates.

Description

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-419:01 advisory.

IPA is an integrated solution to provide centrally managed Identity (machine, user, virtual machines, groups, authentication credentials), Policy (configuration settings, access control information) and Audit (events, logs, analysis thereof).
Security issues fixed with this release:
* CVE-2010-5312: Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.
* CVE-2012-6662: Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo.
Fixed bugs:
* The ipa-server-install, ipa-replica-install, and ipa-client-install utilities are not supported on machines running in FIPS-140 mode. Previously, IdM did not warn users about this. Now, the bug has been fixed with this update.
* If an Active Directory (AD) server was specified or discovered automatically when running the ipa-client-install utility, the utility produced a traceback instead of informing the user that an IdM server is expected in this situation. With this update, the bug has been fixed.
* When IdM servers were configured to require the TLS protocol version 1.1 (TLSv1.1) or later in the httpd server, the ipa utility failed. With this update, running ipa works as expected with TLSv1.1 or later.
* In certain high-load environments, the Kerberos authentication step of the IdM client installer can fail. Previously, the entire client installation failed in this situation. To fix this bug, this update modifies ipa-client-install to prefer the TCP protocol over the UDP protocol and to retry the authentication attempt in case of failure.
* If ipa-client-install updated or created the /etc/nsswitch.conf file, the sudo utility could terminate unexpectedly with a segmentation fault. Now, ipa-client-install puts a newline character at the end of nsswitch.conf if it modifies the last line of the file, fixing this bug.
* The ipa-client-automount utility failed with the UNWILLING_TO_PERFORM LDAP error when the nsslapd-minssf Red Hat Directory Server configuration parameter was set to 1. With this update, the problem has been fixed.
* If installing an IdM server failed after the Certificate Authority (CA) installation, the ipa-server-install --uninstall command did not perform a proper cleanup. After the user issued ipa-server-install --uninstall and then attempted to install the server again, the installation failed. With this update, the bug has been fixed.
* Running ipa-client-install added the sss entry to the sudoers line in nsswitch.conf even if sss was already configured and the entry was present in the file. Duplicate sss then caused sudo to become unresponsive. With this update, the bug has been fixed.
* After running ipa-client-install, it was not possible to log in using SSH under certain circumstances. Now, ipa-client-install no longer corrupts the sshd_config file, and the sshd service can start as expected.
* An incorrect definition of the dc attribute in the /usr/share/ipa/05rfc2247.ldif file caused bogus error messages to be returned during migration. The attribute has been fixed, but the bug persists if the copy-schema-to-ca.py script was run on Asianux Server 4 SP4 prior to running it on Asianux Server 4 SP5. This has been fixed with this update.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://tsn.miraclelinux.com/en/node/5766

Plugin Details

Severity: Medium

ID: 289793

File Name: miracle_linux_AXSA-2015-419.nasl

Version: 1.1

Type: local

Published: 1/16/2026

Updated: 1/16/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.8

Vendor

Vendor Severity: Moderate

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.4

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2012-6662

CVSS v3

Risk Factor: Medium

Base Score: 6.1

Temporal Score: 5.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2010-5312

Vulnerability Information

CPE: p-cpe:/a:miracle:linux:ipa-client, p-cpe:/a:miracle:linux:ipa-server, p-cpe:/a:miracle:linux:ipa-server-trust-ad, p-cpe:/a:miracle:linux:ipa-server-selinux, p-cpe:/a:miracle:linux:ipa-python, p-cpe:/a:miracle:linux:ipa-admintools, cpe:/o:miracle:linux:4

Required KB Items: Host/local_checks_enabled, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/13/2015

Vulnerability Publication Date: 11/26/2012

Reference Information

CVE: CVE-2010-5312, CVE-2012-6662