- EPSS 1.79%
- Veröffentlicht 16.06.2012 00:55:06
- Zuletzt bearbeitet 11.04.2025 00:51:21
spacewalk-backend in Red Hat Network Satellite 5.4 on Red Hat Enterprise Linux 6 does not properly authorize or authenticate uploads to the NULL organization when mod_wsgi is used, which allows remote attackers to cause a denial of service (/var part...
CVE-2011-4346
- EPSS 0.28%
- Veröffentlicht 10.12.2011 17:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
Cross-site scripting (XSS) vulnerability in the web interface in Red Hat Network (RHN) Satellite 5.4.1 allows remote authenticated users to inject arbitrary web script or HTML via the Description field of the asset tag in a Custom Info page.
CVE-2010-1171
- EPSS 0.96%
- Veröffentlicht 18.04.2011 17:55:00
- Zuletzt bearbeitet 11.04.2025 00:51:21
Red Hat Network (RHN) Satellite 5.3 and 5.4 exposes a dangerous, obsolete XML-RPC API, which allows remote authenticated users to access arbitrary files and cause a denial of service (failed yum operations) via vectors related to configuration and pa...
CVE-2008-2369
- EPSS 0.62%
- Veröffentlicht 14.08.2008 20:41:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, which allows remote attackers to connect to the server and obtain sensitive information about user accounts and entitlements.
- EPSS 17.69%
- Veröffentlicht 30.03.2007 00:19:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted U...