Vulnerabilities > CVE-2003-0546 - Unspecified vulnerability in Redhat Up2Date 3.0.71/3.1.231
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |
Oval
| accepted | 2007-04-25T19:52:38.112-04:00 | ||||||||||||
| class | vulnerability | ||||||||||||
| contributors |
| ||||||||||||
| description | up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised. | ||||||||||||
| family | unix | ||||||||||||
| id | oval:org.mitre.oval:def:631 | ||||||||||||
| status | accepted | ||||||||||||
| submitted | 2003-09-03T12:00:00.000-04:00 | ||||||||||||
| title | up2date RPM GPG Signature Verification Vulnerability | ||||||||||||
| version | 36 |
Redhat
| advisories |
|