RHSA-2008:0630 - Security Advisory

Topic

Red Hat Network Satellite Server version 5.1.1 is now available. This
update includes fixes for a number of security issues in Red Hat Network
Satellite Server components.

This update has been rated as having low security impact by the Red Hat
Security Response Team.

Description

During an internal security audit, it was discovered that Red Hat Network
Satellite Server shipped with an XML-RPC script, manzier.pxt, which had a
single hard-coded authentication key. A remote attacker who is able to
connect to the Satellite Server XML-RPC service could use this flaw to
obtain limited information about Satellite Server users, such as login
names, associated email addresses, internal user IDs, and partial
information about entitlements. (CVE-2008-2369)

This release also corrects several security vulnerabilities in various
components shipped as part of Red Hat Network Satellite Server 5.1. In a
typical operating environment, these components are not exposed to users
of Satellite Server in a vulnerable manner. These security updates will
reduce risk in unique Satellite Server environments.

A denial-of-service flaw was fixed in mod_perl. (CVE-2007-1349)

Multiple cross-site scripting flaws were fixed in the image map feature in
the JFreeChart package. (CVE-2007-6306)

A flaw which could result in weak encryption was fixed in the
perl-Crypt-CBC package. (CVE-2006-0898)

Multiple flaws were fixed in the Apache Tomcat package. (CVE-2005-4838,
CVE-2006-0254, CVE-2007-1355, CVE-2007-1358, CVE-2007-2449, CVE-2007-5461,
CVE-2008-0128)

Users of Red Hat Network Satellite Server 5.1 are advised to upgrade to
5.1.1, which resolves these issues.

Solution

This update is available via Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
http://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.1.0/html/Installation_Guide/s1-maintenance-update.html

Affected Products

• Red Hat Network Satellite 5.1 (for RHEL Mainframe) 5.1 s390x
• Red Hat Network Satellite 5.1 (for RHEL Mainframe) 5.1 s390
• Red Hat Network Satellite 5.1 (for RHEL Server) 5.1 x86_64
• Red Hat Network Satellite 5.1 (for RHEL Server) 5.1 i386

Fixes

• BZ - 238401 - CVE-2005-4838 tomcat manager example DoS
• BZ - 240423 - CVE-2007-1349 mod_perl PerlRun denial of service
• BZ - 244803 - CVE-2007-1358 tomcat accept-language xss flaw
• BZ - 244804 - CVE-2007-2449 tomcat examples jsp XSS
• BZ - 253166 - CVE-2007-1355 tomcat XSS in samples
• BZ - 333791 - CVE-2007-5461 Absolute path traversal Apache Tomcat WEBDAV
• BZ - 421081 - CVE-2007-6306 JFreeChart: XSS vulnerabilities in the image map feature
• BZ - 429821 - CVE-2008-0128 tomcat5 SSO cookie login information disclosure
• BZ - 430522 - CVE-2006-0898 perl-Crypt-CBC weaker encryption with some ciphers
• BZ - 430646 - CVE-2006-0254 tomcat examples XSS
• BZ - 452461 - CVE-2008-2369 RHN Satellite: information disclosure via manzier.pxt RPC script

CVEs

• CVE-2008-2369
• CVE-2006-0898
• CVE-2008-0128
• CVE-2007-1355
• CVE-2007-6306
• CVE-2007-5461
• CVE-2007-2449
• CVE-2007-1358
• CVE-2007-1349
• CVE-2005-4838
• CVE-2006-0254

References

• http://www.redhat.com/security/updates/classification/#low