Updated ipa packages that fix a security flaw are now available for Red Hat
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Red Hat Enterprise IPA is an integrated solution to provide centrally-managed Identity (machines, users, virtual machines, groups, authentication credentials), Policy (configuration settings, access control information) and Audit (events, logs, analysis) services. A flaw was found in the Red Hat Enterprise IPA installation procedure. The master Kerberos password was set up in the LDAP server in such a way that it was possible to retrieve the password via an anonymous LDAP connection. (CVE-2008-3274) Note: the master Kerberos password is used to encrypt keys. This flaw does not lead to individual keys being exposed. Users of Red Hat IPA should upgrade to these updated packages and perform the operations explained in the solution to resolve this issue.