Detections
Analytics

MiracleLinux 7 : ipa-4.4.0-14.6.0.1.el7.AXS7 (AXSA:2017-1334:03)

high Nessus Plugin ID 289914

Synopsis

The remote MiracleLinux host is missing a security update.

Description

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1334:03 advisory.

 IPA is an integrated solution to provide centrally managed Identity (users, hosts, services), Authentication (SSO, 2FA), and Authorization (host access control, SELinux user roles, services). The solution provides features for further integration with Linux based clients (SUDO, automount) and integration with Active Directory based infrastructures (Trusts).
 Security issues fixed with this release:
 CVE-2017-2590
 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
 Fixed bugs:
 * Previously, during an Identity Management (IdM) replica installation that runs on domain level 1 or higher, Directory Server was not configured to use TLS encryption. As a consequence, installing a certificate authority (CA) on that replica failed. Directory Server is now configured to use TLS encryption during the replica installation and as a result, the CA installation works as expected.
 * Previously, the Identity Management (IdM) public key infrastructure (PKI) component was configured to listen on the ::1 IPv6 localhost address. In environments have the the IPv6 protocol disabled, the replica installer was unable to retrieve the Directory Server certificate, and the installation failed.
 The default listening address of the PKI connector has been updated from the IP address to localhost. As a result, the PKI connector now listens on the correct addresses in IPv4 and IPv6 environments.
 * Previously, when installing a certificate authority (CA) on a replica, Identity Management (IdM) was unable to provide third-party CA certificates to the Certificate System CA installer. As a consequence, the installer was unable to connect to the remote master if the remote master used a third-party server certificate, and the installation failed. This updates applies a patch and as a result, installing a CA replica works as expected in the described situation.
 * When installing a replica, the web server service entry is created on the Identity Management (IdM) master and replicated to all IdM servers. Previously, when installing a replica without a certificate authority (CA), in certain situations the service entry was not replicated to the new replica on time, and the installation failed. The replica installer has been updated and now waits until the web server service entry is replicated. As a result, the replica installation no longer fails in the described situation.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://tsn.miraclelinux.com/en/node/7766

Plugin Details

Severity: High

ID: 289914

File Name: miracle_linux_AXSA-2017-1334.nasl

Version: 1.1

Type: local

Published: 1/16/2026

Updated: 1/16/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

Vendor

Vendor Severity: Moderate

CVSS v2

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P

CVSS Score Source: CVE-2017-2590

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:miracle:linux:ipa-common, p-cpe:/a:miracle:linux:ipa-client-common, p-cpe:/a:miracle:linux:ipa-server-trust-ad, p-cpe:/a:miracle:linux:ipa-admintools, p-cpe:/a:miracle:linux:ipa-server, p-cpe:/a:miracle:linux:ipa-server-dns, p-cpe:/a:miracle:linux:python2-ipaserver, p-cpe:/a:miracle:linux:ipa-client, cpe:/o:miracle:linux:7, p-cpe:/a:miracle:linux:ipa-server-common, p-cpe:/a:miracle:linux:python2-ipaclient, p-cpe:/a:miracle:linux:python2-ipalib

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 3/6/2017

Vulnerability Publication Date: 2/27/2017

Reference Information

CVE: CVE-2017-2590