#VU44418 Permissions, Privileges, and Access Controls in pfsense - CVE-2011-4197
Published: January 3, 2012 / Updated: August 11, 2020
Vulnerability identifier: #VU44418
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2011-4197
CWE-ID: CWE-264
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
pfsense
pfsense
Software vendor:
Rubicon Communications
Rubicon Communications
Description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
etc/inc/certs.inc in the PKI implementation in pfSense before 2.0.1 creates each X.509 certificate with a true value for the CA basic constraint, which allows remote attackers to create sub-certificates for arbitrary subjects by leveraging the private key.
Remediation
Install update from vendor's website.
External links
- http://archives.neohapsis.com/archives/bugtraq/2011-12/0152.html
- http://secunia.com/advisories/46780
- http://www.osvdb.org/77982
- http://www.securityfocus.com/bid/51169
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71969
- https://github.com/bsdperimeter/pfsense/commit/1379d66f11aaf72982a70287b83e24efcd18898e
- https://github.com/bsdperimeter/pfsense/commit/87b4deb2b2dae9013e6aa0fe490d6a5a04a27894
- https://www.trustmatta.com/advisories/MATTA-2011-001.txt