redhat network satellite - vulnerabilities and exploits

(subscribe to this query)

6.8

CVSSv2

Cross-site request forgery (CSRF) vulnerability in the Spacewalk Java site packages (aka spacewalk-java) 1.2.39 in Spacewalk, as used in the server in Red Hat Network Satellite 5.3.0 up to and including 5.4.1 and other products, allows remote malicious users to hijack the authent...

Redhat Network Satellite Server 5.4.0 Redhat Network Satellite Server 5.3.0 Redhat Network Satellite Server 5.4.1 Redhat Spacewalk-java 1.2.39

6.4

CVSSv2

Red Hat Network (RHN) Satellite Server 5.3 and 5.4 does not properly rewrite unspecified URLs, which allows remote malicious users to (1) obtain unspecified sensitive host information or (2) use the server as an inadvertent proxy to connect to arbitrary services and IP addresses ...

Redhat Network Satellite Server 5.3 Redhat Network Satellite Server 5.4

6

CVSSv2

The monitoring probe display in spacewalk-java prior to 2.1.148-1 and Red Hat Network (RHN) Satellite 4.0.0 up to and including 4.2.0 and 5.1.0 up to and including 5.3.0, and Proxy 5.3.0, allows remote authenticated users with permissions to administer monitoring probes to execut...

Redhat Satellite 4.0 Redhat Satellite 4.2 Redhat Satellite 5.3 Redhat Spacewalk-java Redhat Network Proxy 5.3 Redhat Satellite 5.1 Redhat Satellite 5.2 Redhat Satellite 4.1

4.3

CVSSv2

Cross-site scripting (XSS) vulnerability in the Red Hat Network channel search feature, as used in RHN and Red Hat Network Satellite prior to 5.0.2, allows remote malicious users to inject arbitrary web script or HTML via unknown vectors.

Redhat Network Satellite

5.8

CVSSv2

Open redirect vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url_bounce parameter.

Redhat Spacewalk 1.6 Redhat Network Satellite -

4.3

CVSSv2

Cross-site scripting (XSS) vulnerability in the Lookup Login/Password form in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote malicious users to inject arbitrary web script or HTML via the URI.

Redhat Spacewalk 1.6 Redhat Network Satellite -

4.3

CVSSv2

Cross-site scripting (XSS) vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote malicious users to inject arbitrary web script or HTML via the QueryString to the SystemGroupList.do page.

Redhat Spacewalk 1.6 Redhat Network Satellite -

4.3

CVSSv2

Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allow remote malicious users to inject arbitrary web script or HTML via the "Filter by Synopsis" field and other unspecified filter forms.

Redhat Spacewalk 1.6 Redhat Network Satellite -

4.3

CVSSv2

Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allow remote malicious users to inject arbitrary web script or HTML via vectors related to Search forms.

Redhat Spacewalk 1.6 Redhat Network Satellite -

7.5

CVSSv2

Red Hat Satellite 5.6 and previous versions does not disable the web interface that is used to create the first user for a satellite, which allows remote malicious users to create administrator accounts.

Redhat Network Satellite Redhat Satellite With Embedded Oracle 5.4 Redhat Satellite With Embedded Oracle 5.3 Redhat Satellite With Embedded Oracle 5.5 Redhat Satellite Redhat Satellite With Embedded Oracle 5.2 Suse Manager 1.7 Suse Linux Enterprise 11.0

Get Started

1 2 3 4 5 6 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook