35 matches found
EUVD-2017-16551
Malware in sbrugna...
EUVD-2014-8004
Malware in sbrugna...
EUVD-2016-3206
Malware in sbrugna...
EUVD-2017-16530
Malware in sbrugna...
ALBA-2019:3474 satellite-5-client module update
Satellite 5 client module provides programs and libraries that allow your system to use provisioning, monitoring, and configuration management capabilities provided by AlmaLinux Satellite 5. This update fixes the following bugs: A build dependency on Python 2 gtk-builder-convert has been dropped...
satellite-5-client module update
An update is available for dnf-plugin-spacewalk, rhn-client-tools, rhnsd, rhnlib. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Satellite 5 client module...
satellite-5-client module update
Satellite 5 client module provides programs and libraries that allow your system to use provisioning, monitoring, and configuration management capabilities provided by AlmaLinux Satellite 5. This update fixes the following bugs: A build dependency on Python 2 gtk-builder-convert has been dropped...
satellite-5-client module update
An update is available for dnf-plugin-spacewalk, rhn-client-tools, rhnsd, rhnlib. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Satellite 5 client module...
satellite-5-client module update
Satellite 5 client module provides programs and libraries that allow your system to use provisioning, monitoring, and configuration management capabilities provided by AlmaLinux Satellite 5. This update fixes the following bugs: A build dependency on Python 2 gtk-builder-convert has been dropped...
ALBA-2019:1955 satellite-5-client module update
Satellite 5 client module provides programs and libraries that allow your system to use provisioning, monitoring, and configuration management capabilities provided by AlmaLinux Satellite 5. This update fixes the following bugs: A build dependency on Python 2 gtk-builder-convert has been dropped...
Cross-Site Scripting (XSS)
Red Hat Satellite 5 is vulnerable to cross-site scripting XSS attacks. A remote attacker is able to pass malicious input via the parameters in admin/BunchDetail.do; and software/packages/NameOverview.do; with the intention of executing arbitrary Javascript code on the victims browser...
Virtuozzo 6 : httpd / httpd-devel / httpd-manual / httpd-tools / etc (VZLSA-2017-1721)
An update for httpd is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
(RHSA-2018:3456) Low: Red Hat Satellite Server 5 - 90 day End Of Life Notice
The RHN service for Satellite 5.7, 5.6, and earlier versions of Satellite 5 will exit the existing Limited Maintenance Release phase and be permanently shut down on January 31, 2019. After this date, for the affected Satellite 5 versions: No content will be available from RHN. Both system level...
Design/Logic Flaw
It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host name fields. A man-in-the-middle attacker could use this flaw to spoof a PostgreSQL server using a specially crafted X.509 certificate...
CVE-2017-7513
It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host name fields. A man-in-the-middle attacker could use this flaw to spoof a PostgreSQL server using a specially crafted X.509 certificate...
CVE-2017-7513
It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host name fields. A man-in-the-middle attacker could use this flaw to spoof a PostgreSQL server using a specially crafted X.509 certificate...
Cross site scripting
A cross-site scripting XSS flaw was found in how an organization name is displayed in Satellite 5, before 5.8. A user able to change an organization's name could exploit this flaw to perform XSS attacks against other Satellite users...
CVE-2017-7538
A cross-site scripting XSS flaw was found in how an organization name is displayed in Satellite 5, before 5.8. A user able to change an organization's name could exploit this flaw to perform XSS attacks against other Satellite users...
CVE-2017-7538
A cross-site scripting XSS flaw was found in how an organization name is displayed in Satellite 5, before 5.8. A user able to change an organization's name could exploit this flaw to perform XSS attacks against other Satellite users...
CVE-2017-7538
CVE-2017-7538 is an XSS flaw in how Satellite/Spacewalk displays an organization name (before version 5.8). Exploitation requires changing an organization name, enabling XSS against other Satellite users. Public-facing sources in connected docs include RHSA-2017:2645 and SUSE/SUSE-SU-2017:2453-1 ...