3 matches found
CVE-2012-5561
script/katello-generate-passphrase in Katello 1.1 uses world-readable permissions for /etc/katello/secure/passphrase, which allows local users to obtain the passphrase by reading the file...
CVE-2012-5561
CVE-2012-5561 is confirmed in connected Red Hat advisory RHSA-2013:0547 for CloudForms System Engine 1.1.2. The issue arises from the script /usr/share/katello/script/katello-generate-passphrase setting world-readable permissions on /etc/katello/secure/passphrase, allowing a local attacker to rea...
Important: Red Hat Security Advisory: Subscription Asset Manager 1.2 update
Red Hat Subscription Asset Manager 1.2, which fixes several security issues, multiple bugs, and adds various enhancements, is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which gi...