Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3270


Vulnerability Score 2.6 2.6
CVE Id CVE-2008-3270
Last Modified 21 Aug 2010 01:22:18
Published 18 Aug 2008 01:41:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE



yum-rhn-plugin in Red Hat Enterprise Linux (RHEL) 5 does not verify the SSL certificate for a file download from a Red Hat Network (RHN) server, which makes it easier for remote man-in-the-middle attackers to cause a denial of service (loss of updates) or force the download and installation of official Red Hat packages that were not requested.

Vulnerable Systems

Operating System

  • Redhat Enterprise Linux 5.0



BID - 30695

REDHAT - RHSA-2008:0815

SECTRACK - 1020698

SECUNIA - 31472

Last Updated: 27 May 2016 10:48:08