It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host name fields. A man-in-the-middle attacker could use this flaw to spoof a PostgreSQL server using a specially crafted X.509 certificate.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat satellite 5.0 |
||
redhat satellite 5.4 |
||
redhat satellite 5.2 |
||
redhat satellite 5.8 |
||
redhat satellite 5.7 |
||
redhat satellite 5.6 |
||
redhat satellite 5.5 |
||
redhat satellite 5.4.1 |
||
redhat satellite 5.3 |
||
redhat satellite 5.1.1 |