4 matches found
CVE-2009-4139
The CVE-2009-4139 entry describes a Cross-Site Request Forgery (CSRF) vulnerability in Spacewalk’s spacewalk-java (version 1.2.39) used by Red Hat Network Satellite server (5.3.0–5.4.1) and related products. The issue allows an attacker, by deceiving an authenticated user, to hijack that user’s s...
CVE-2009-0788
RHN Satellite (Red Hat Network Satellite) on RHEL 5.3/5.4 is affected by CVE-2009-0788 due to improper rewriting of certain URLs, enabling an unauthenticated attacker to obtain sensitive host information or misuse the server as a proxy to reach arbitrary services/IPs. Red Hat’s RHSA-2011:0434 doc...
CVE-2011-0718
The CVE-2011-0718 issue affects Red Hat Network Satellite Server 5.4, where no time delay is enforced after a failed login, enabling potential brute‑force password guessing from remote attackers. Connected sources confirm this is addressed by the Red Hat advisory RHSA-2011:0300, which provides up...
CVE-2011-0717
The CVE-2011-0717 issue affects Red Hat Network Satellite Server 5.4 (Spacewalk-related). The root cause is a session fixation flaw where session cookies can be manipulated, enabling an attacker to hijack a user’s session after login. Documented impact includes potential partial disclosure/integr...