Detections
Analytics

MiracleLinux 4 : pki-core-9.0.3-43.AXS4 (AXSA:2015-401:01)

medium Nessus Plugin ID 290070

Synopsis

The remote MiracleLinux host is missing a security update.

Description

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-401:01 advisory.

 ================================== || ABOUT CERTIFICATE SYSTEM || ================================== Certificate System (CS) is an enterprise software system designed to manage enterprise Public Key Infrastructure (PKI) deployments.
 PKI Core contains fundamental packages required by Certificate System, and consists of the following components:
 * pki-setup
 * pki-symkey
 * pki-native-tools
 * pki-util
 * pki-util-javadoc
 * pki-java-tools
 * pki-java-tools-javadoc
 * pki-common
 * pki-common-javadoc
 * pki-selinux
 * pki-ca
 * pki-silent which comprise the following PKI subsystems:
 * Certificate Authority (CA) For deployment purposes, Certificate System requires ONE AND ONLY ONE of the following Mutually-Exclusive PKI Theme packages:
 * ipa-pki-theme (IPA deployments)
 * dogtag-pki-theme (Dogtag Certificate System deployments) Security issues fixed with this release:
 CVE-2012-2662 Fixed bugs:
 * Previously, pki-core required the SSL version 3 (SSLv3) protocol ranges to communicate with the 389-ds-base packages. However, recent changes to 389-ds-base disabled the default use of SSLv3 and enforced using protocol ranges supported by secure protocols, such as the TLS protocol. As a consequence, the CA failed to install during an Identity Management (IdM) server installation.
 To fix this bug, this update adds TLS-related parameters to the server.xml file of the CA.
 * Previously, the ipa-server-install script failed when attempting to configure a stand-alone CA on systems with OpenJDK version 1.8.0 installed. With this update, the pki-core build and runtime dependencies have been modified to use OpenJDK version 1.7.0 during the stand-alone CA configuration.
 * Creating a Asianux Server 7 replica from a Asianux Server 4 replica running the CA service sometimes failed in IdM deployments where the initial Asianux Server 4 CA master had been removed. This could cause problems in some situations, such as when migrating from Asianux Server 4 to Asianux Server 7. The bug occurred due to a problem in a previous version of IdM where the subsystem user, created during the initial CA server installation, was removed together with the initial master. With this update, the bug has been fixed.
 * Several Java import statements specify wildcard arguments. However, due to the use of wildcard arguments in the import statements of the source code contained in the Asianux Server 4 maintenance branch, a name space collision created the potential for an incorrect class to be utilized. As a consequence, the Token Processing System (TPS) rebuild test failed with an error message.
 With this update, the problem has been fixed.
 * Previously, pki-core failed to build with the rebased version of the CMake build system during the TPS rebuild test. To resolve this bug, the pki-core build files have been updated to comply with the rebased version of CMake.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://tsn.miraclelinux.com/en/node/5748

Plugin Details

Severity: Medium

ID: 290070

File Name: miracle_linux_AXSA-2015-401.nasl

Version: 1.1

Type: local

Published: 1/16/2026

Updated: 1/16/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.0

Vendor

Vendor Severity: Moderate

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2012-2662

CVSS v3

Risk Factor: Medium

Base Score: 6.1

Temporal Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:miracle:linux:pki-common, p-cpe:/a:miracle:linux:pki-ca, cpe:/o:miracle:linux:4, p-cpe:/a:miracle:linux:pki-setup, p-cpe:/a:miracle:linux:pki-symkey, p-cpe:/a:miracle:linux:pki-selinux, p-cpe:/a:miracle:linux:pki-native-tools, p-cpe:/a:miracle:linux:pki-silent, p-cpe:/a:miracle:linux:pki-java-tools, p-cpe:/a:miracle:linux:pki-util

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 8/13/2015

Vulnerability Publication Date: 7/19/2012

Reference Information

CVE: CVE-2012-2662