28 matches found
security flaw
sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges...
RHEL 2.1 : up2date (RHSA-2003:177)
Updated versions of the rhnregister and up2date packages are now available. The new packages include many bug fixes, and a few new features. The rhnregister and up2date packages contain the software necessary to take advantage of Red Hat Network functionality. The up2date package incorporates...
RHEL 2.1 : up2date (RHSA-2003:268)
New versions of the up2date and rhnregister clients are available and are required for continued access to Red Hat Network. The rhnregister and up2date packages contain the software necessary to take advantage of Red Hat Network functionality. This erratum includes an updated RHNS-CA-CERT file,...
(RHSA-2003:268) New up2date available with updated SSL certificate authority file
The rhnregister and up2date packages contain the software necessary to take advantage of Red Hat Network functionality. This erratum includes an updated RHNS-CA-CERT file, which contains a new CA certificate. This new certificate is needed so that up2date can continue to communicate with Red Hat...
CVE-2003-0546
up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised...
CVE-2003-0546
up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised...
CVE-2003-0546
CVE-2003-0546 affects up2date 3.0.7 and 3.1.23, which do not properly verify RPM GPG signatures. This could let remote attackers install unsigned packages from the Red Hat Network if that network is compromised. The CVSS base score is 7.5 (HIGH). Exploitation details are not provided in the suppl...
(RHSA-2003:177) Updated up2date and rhn_register clients available
The rhnregister and up2date packages contain the software necessary to take advantage of Red Hat Network functionality. The up2date package incorporates improvements in handling package dependencies and "obsoletes" processing, along with many other bug fixes. This release also includes an updated...