Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2369

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2008-2369
Last Modified 10 Sep 2008 09:10:29
Published 14 Aug 2008 04:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2369

Summary

manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, which allows remote attackers to connect to the server and obtain sensitive information about user accounts and entitlements.

Vulnerable Systems

Application

  • Red Hat Network Satellite Server 2

  • Red Hat Network Satellite Server 2.0.1

  • Red Hat Network Satellite Server 2.6

  • Red Hat Network Satellite Server 2.7

  • Red Hat Network Satellite Server 3

  • Red Hat Network Satellite Server 3.2

  • Red Hat Network Satellite Server 3.4

  • Red Hat Network Satellite Server 3.6

  • Red Hat Network Satellite Server 3.7

  • Red Hat Network Satellite Server 3.7.2

  • Red Hat Network Satellite Server 4

  • Red Hat Network Satellite Server 4.0.1

  • Red Hat Network Satellite Server 4.0.2

  • Red Hat Network Satellite Server 4.0.5

  • Red Hat Network Satellite Server 4.0.6

  • Red Hat Network Satellite Server 4.0.7

  • Red Hat Network Satellite Server 4.1

  • Red Hat Network Satellite Server 4.1.2

  • Red Hat Network Satellite Server 4.1.5

  • Red Hat Network Satellite Server 4.2

  • Red Hat Network Satellite Server 4.2.1

  • Red Hat Network Satellite Server 4.2.2

  • Red Hat Network Satellite Server 5

  • Red Hat Network Satellite Server 5.0.1

  • Red Hat Network Satellite Server 5.1.0


References

XF - rhnss-manzier-information-disclosure(44452)

BID - 30679

SECTRACK - 1020694

SECUNIA - 31493

REDHAT - RHSA-2008:0630


Last Updated: 27 May 2016 10:47:50