5 matches found
RHEL 6 : katello-configure (RHSA-2014:1186)
An updated katello-configure package that fixes one security issue is now available for Red Hat Subscription Asset Manager. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Important: Red Hat Security Advisory: katello-configure security update
An updated katello-configure package that fixes one security issue is now available for Red Hat Subscription Asset Manager. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CVE-2012-6116
modules/certs/manifests/config.pp in katello-configure before 1.3.3.pulpv2 in Katello uses weak permissions 666 for the Candlepin bootstrap RPM, which allows local users to modify the Candlepin CA certificate by writing to this file...
Code injection
modules/certs/manifests/config.pp in katello-configure before 1.3.3.pulpv2 in Katello uses weak permissions 666 for the Candlepin bootstrap RPM, which allows local users to modify the Candlepin CA certificate by writing to this file...
CVE-2012-6116
CVE-2012-6116 affects Katello: the file modules/certs/manifests/config.pp in katello-configure before 1.3.3.pulpv2 creates the Candlepin bootstrap RPM with world-writable (0666) permissions. This allows local users to modify the Candlepin CA certificate used to trust the Katello server by writing...