Vulnerabilities > CVE-2011-0717 - Unspecified vulnerability in Redhat Network Satellite Server 5.4
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN redhat
nessus
Summary
Session fixation vulnerability in Red Hat Network (RHN) Satellite Server 5.4 allows remote attackers to hijack web sessions via unspecified vectors related to Spacewalk.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | Red Hat Local Security Checks |
NASL id | REDHAT-RHSA-2011-0300.NASL |
description | Updated packages that fix two security issues are now available for Red Hat Network Satellite Server 5.4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat Network Satellite Server (RHN Satellite Server) is a system management tool for Linux-based infrastructures. It allows for the provisioning, remote management and monitoring of multiple Linux deployments with a single, centralized tool. A session fixation flaw was found in the way RHN Satellite Server handled session cookies. An RHN Satellite Server user able to pre-set the session cookie in a victim |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 63973 |
published | 2013-01-24 |
reporter | This script is Copyright (C) 2013-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/63973 |
title | RHEL 5 : Satellite Server (RHSA-2011:0300) |
Redhat
advisories |
| ||||
rpms |
|
References
- http://www.vupen.com/english/advisories/2011/0491
- http://www.securitytracker.com/id?1025116
- http://www.securityfocus.com/bid/46528
- http://secunia.com/advisories/43487
- https://bugzilla.redhat.com/show_bug.cgi?id=672159
- http://www.redhat.com/support/errata/RHSA-2011-0300.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65658