pki allows unauthenticated access. The certificate authority allowed unauthenticated users to have the one-time PIN contained in an SCEP request decrypted. An attacker able to sniff an SCEP request from a network device could ask the certificate authority to decrypt that request and so obtain the device's one-time PIN. With this update, the certificate authority only handles decryption requests from authenticated registration authorities.
secunia.com/advisories/42181
securitytracker.com/id?1024697
www.osvdb.org/69149
www.redhat.com/security/updates/classification/#moderate
access.redhat.com/errata/RHSA-2010:0838
bugzilla.redhat.com/show_bug.cgi?id=648882
fedorahosted.org/pki/changeset/1261
rhn.redhat.com/errata/RHSA-2010-0837.html
rhn.redhat.com/errata/RHSA-2010-0838.html