CVE-2009-0588 Information

Description

agent/request/op.cgi in the Registration Authority (RA) component in Red Hat Certificate System (RHCS) 7.3 and Dogtag Certificate System allows remote authenticated users to approve certificate requests queued for arbitrary agent groups via a modified request ID field.

Reference

http://secunia.com/advisories/35242 http://secunia.com/advisories/35263 http://www.redhat.com/support/errata/RHSA-2009-1065.html http://www.securityfocus.com/bid/35104 http://www.securitytracker.com/id?1022278 https://bugzilla.redhat.com/show_bug.cgi?id=484828 https://bugzilla.redhat.com/show_bug.cgi?id=488706