RHEL 6 : spacewalk-backend and spacewalk-proxy (RHSA-2019:1663)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1663 advisory. Spacewalk is an Open Source systems management solution that provides system provisioning, configuration and patching capabilities. Security Fixes:...

spacewalk-proxy: Path traversal in proxy authentication cache

A path traversal flaw was found in the way the proxy processes cached client tokens. A remote, unauthenticated attacker could use this flaw to test the existence of arbitrary files, if they have access to the proxy's filesystem, or can execute arbitrary code in the context of the httpd process...