spacewalk is vulnerable to information disclosure. A flaw was found in the way RHN Satellite Server managed user authentication. A time delay was not inserted after each failed log in, which could allow a remote attacker to conduct a password guessing attack efficiently.
secunia.com/advisories/43487
www.redhat.com/support/errata/RHSA-2011-0300.html
www.securityfocus.com/bid/46528
www.securitytracker.com/id?1025116
www.vupen.com/english/advisories/2011/0491
access.redhat.com/errata/RHSA-2011:0300
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=672159
exchange.xforce.ibmcloud.com/vulnerabilities/65657