Summary
Detail | |||
---|---|---|---|
Vendor | Redhat | First view | 2010-06-07 |
Product | Yum-Rhn-Plugin | Last view | 2010-06-07 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:a:redhat:yum-rhn-plugin:*:*:*:*:*:*:*:* | 1 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
3.6 | 2010-06-07 | CVE-2010-1439 | yum-rhn-plugin in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Enterprise Linux (RHEL) 5 and Fedora uses world-readable permissions for the /var/spool/up2date/loginAuth.pkl file, which allows local users to access the Red Hat Network profile, and possibly prevent future security updates, by leveraging authentication data from this file. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:9232 | yum-rhn-plugin in Red Hat Network Client Tools (aka rhn-client-tools) on Red ... |
oval:org.mitre.oval:def:21382 | RHSA-2010:0449: rhn-client-tools security update (Moderate) |
oval:org.mitre.oval:def:23151 | ELSA-2010:0449: rhn-client-tools security update (Moderate) |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
65063 | Red Hat rhn-client-tools /var/spool/up2date/loginAuth.pkl Insecure File Permi... |
OpenVAS Exploits
id | Description |
---|---|
2010-06-07 | Name : RedHat Update for rhn-client-tools RHSA-2010:0449-01 File : nvt/gb_RHSA-2010_0449-01_rhn-client-tools.nasl |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2012-08-01 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20100601_rhn_client_tools_on_SL5_x.nasl - Type: ACT_GATHER_INFO |
2010-06-02 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2010-0449.nasl - Type: ACT_GATHER_INFO |