3.6
CVE-2010-1439
- EPSS 0.38%
- Veröffentlicht 07.06.2010 17:12:48
- Zuletzt bearbeitet 16.06.2026 23:18:23
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
yum-rhn-plugin in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Enterprise Linux (RHEL) 5 and Fedora uses world-readable permissions for the /var/spool/up2date/loginAuth.pkl file, which allows local users to access the Red Hat Network profile, and possibly prevent future security updates, by leveraging authentication data from this file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Yum-rhn-plugin
Redhat ≫ Rhn-client-tools
Fedoraproject ≫ Fedora
Redhat ≫ Enterprise Linux Version5
Redhat ≫ Enterprise Linux Version5 Updatega Editionserver
Redhat ≫ Enterprise Linux Version5.0
Fedoraproject ≫ Fedora
Redhat ≫ Enterprise Linux Version5
Redhat ≫ Enterprise Linux Version5 Updatega Editionserver
Redhat ≫ Enterprise Linux Version5.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.38% | 0.3 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.6 | 3.9 | 4.9 |
AV:L/AC:L/Au:N/C:P/I:P/A:N
|
http://secunia.com/advisories/39996
http://securitytracker.com/id?1024049
http://www.osvdb.org/65063
http://www.redhat.com/support/errata/RHSA-2010-0449.html
http://www.securityfocus.com/bid/40492
http://www.vupen.com/english/advisories/2010/1311
https://bugzilla.redhat.com/show_bug.cgi?id=585386
https://exchange.xforce.ibmcloud.com/vulnerabilities/59114
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9232