Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2011:0434 - Security Advisory
Issued:
2011-04-11
Updated:
2011-04-11

RHSA-2011:0434 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: security update for Red Hat Network Satellite

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated packages that fix two security issues are now available for Red Hat
Network Satellite 5.3 and 5.4.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

Description

Red Hat Network Satellite (RHN Satellite) is a system management tool for
Linux-based infrastructures. It allows for the provisioning, remote
management and monitoring of multiple Linux deployments with a single,
centralized tool.

RHN Satellite incorrectly exposed an obsolete XML-RPC API for configuring
package group (comps.xml) files for channels. An authenticated user could
use this flaw to gain access to arbitrary files accessible to the RHN
Satellite server process, and prevent clients from performing certain yum
operations. (CVE-2010-1171)

A flaw was found in the way RHN Satellite rewrote certain URLs. An
unauthenticated user could use a specially-crafted HTTP request to obtain
sensitive information about the host system RHN Satellite was running on.
They could also use RHN Satellite as a distributed denial of service tool,
forcing it to connect to an arbitrary service at an arbitrary IP address
via a specially-crafted HTTP request. (CVE-2009-0788)

Note: Refer to the Solution section below for manual steps that may be
required to fully address the CVE-2009-0788 issue.

Users of RHN Satellite 5.3 and 5.4 are advised to upgrade to these updated
packages, which contain backported patches to correct these issues. The RHN
Satellite server must be restarted ("rhn-satellite restart") for this
update to take effect.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

The patch for CVE-2009-0788 includes changes to
"/etc/httpd/conf.d/zz-spacewalk-www.conf". If you have manually edited
this file, this erratum will not overwrite or replace your existing
version, but will create a new file containing the fixes,
"/etc/httpd/conf.d/zz-spacewalk-www.conf.rpmnew". If this .rpmnew file
exists after installing the update, the following steps must be
performed to fully fix CVE-2009-0788:

1) Create a backup copy of your
"/etc/httpd/conf.d/zz-spacewalk-www.conf" file.

2) Carefully review your manual zz-spacewalk-www.conf changes, and
merge those changes into the zz-spacewalk-www.conf.rpmnew file.

3) Once you have merged all your manual changes into
zz-spacewalk-www.conf.rpmnew, save this new version as
"/etc/httpd/conf.d/zz-spacewalk-www.conf", and then restart the RHN
Satellite server ("rhn-satellite restart").

Affected Products

  • Red Hat Satellite with Embedded Oracle 5.4 for RHEL 5 x86_64
  • Red Hat Satellite with Embedded Oracle 5.4 for RHEL 5 i386
  • Red Hat Satellite with Embedded Oracle 5.3 x86_64
  • Red Hat Satellite with Embedded Oracle 5.3 i386

Fixes

  • BZ - 491365 - CVE-2009-0788 rhn_satellite: Incorrect mod_rewrite rules (information disclosure, abuse as distributed DoS tool)
  • BZ - 584118 - CVE-2010-1171 rhn_satellite: Improper channel comps information management

CVEs

  • CVE-2010-1171
  • CVE-2009-0788

References

  • https://access.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Satellite with Embedded Oracle 5.4 for RHEL 5

SRPM
spacewalk-backend-1.2.13-37.el5sat.src.rpm SHA-256: a34c6b10f516be30b392203f02f2e54bac1ba306b60ff768b197969d1e1ae289
spacewalk-config-1.2.2-2.el5sat.src.rpm SHA-256: d4bd1e107b13f296e3a5538adaf986d615b35206576dcf6b6c8c278563fcdada
x86_64
spacewalk-backend-1.2.13-37.el5sat.noarch.rpm SHA-256: 2f4a11fb7c3560f0b0d0e9a17acf01b5bb1b1c53e0489f74ebe34ebf528d8a28
spacewalk-backend-app-1.2.13-37.el5sat.noarch.rpm SHA-256: c01d3cff6433916cf8ae4eb4bd12ba8a1a6ca8532863ef198d9e22563639c74a
spacewalk-backend-applet-1.2.13-37.el5sat.noarch.rpm SHA-256: 7d360c98169272c75a10a4e97fb99d1b06f1f7494d629b1e62de555141aeda75
spacewalk-backend-config-files-1.2.13-37.el5sat.noarch.rpm SHA-256: 8c9733a0a7ab11ae5685d4415e0ace8f6e4ede8a4c5cbe126b367d803007026a
spacewalk-backend-config-files-common-1.2.13-37.el5sat.noarch.rpm SHA-256: 6580f7df0bd6819028232a643c94907b9d555c618f90350bb412685ff37a2d80
spacewalk-backend-config-files-tool-1.2.13-37.el5sat.noarch.rpm SHA-256: a4d9f981f06857639b9f2d4d9d08211d0e496840817ef9a082bfe153230af4bf
spacewalk-backend-iss-1.2.13-37.el5sat.noarch.rpm SHA-256: be8c92bc39a205d7c93f468b510cd073e3d7b123c9523facc2eb911aba1e7dfb
spacewalk-backend-iss-export-1.2.13-37.el5sat.noarch.rpm SHA-256: e6a7d813dbfdb0afa097ba1352b3a805174542ba340f4ce6f8c9d576991ed85b
spacewalk-backend-libs-1.2.13-37.el5sat.noarch.rpm SHA-256: 5f112a22ff31953559f2f19a2291e74dbafd6f1f7dce4fc0b2e08e75c455355b
spacewalk-backend-package-push-server-1.2.13-37.el5sat.noarch.rpm SHA-256: a358bf9da3acd1da52afb528e9b4afe64419767e67ae7a20aeca7fe6de010316
spacewalk-backend-server-1.2.13-37.el5sat.noarch.rpm SHA-256: 52207e8129276a8cc2d33e35df307c5da954396fb343b0043381fbbee59093b0
spacewalk-backend-sql-1.2.13-37.el5sat.noarch.rpm SHA-256: 5ef3b1ccaf45f2621deedcd60e09ca615d98d6004efc6f30a821310aea1e1c45
spacewalk-backend-sql-oracle-1.2.13-37.el5sat.noarch.rpm SHA-256: 8ac9b49e665e1f0dbaed8e1332a8afceabb358f9c852e57256c028350aa7e8ca
spacewalk-backend-tools-1.2.13-37.el5sat.noarch.rpm SHA-256: 51f99ee407239d04eb3f50075556b66a939c113a8146dc3047ae544d10a696fa
spacewalk-backend-upload-server-1.2.13-37.el5sat.noarch.rpm SHA-256: bf911d3e5e4c81c5eca04a0f9398b590bdf01d82adec4a504785786bc1b07c5b
spacewalk-backend-xml-export-libs-1.2.13-37.el5sat.noarch.rpm SHA-256: 19680ae33011321eeb9e0ca6eb59df2a3925d74fb1e0531dc5e561f375da396f
spacewalk-backend-xmlrpc-1.2.13-37.el5sat.noarch.rpm SHA-256: ea55b489dcd401b4fe73b6b6606fef57642ed5694a1bb1ed583d03dc256d62bc
spacewalk-backend-xp-1.2.13-37.el5sat.noarch.rpm SHA-256: d48ef82053d677fa876a57560918ebcdff5a49b40f21fbbd28278df526f7b603
spacewalk-config-1.2.2-2.el5sat.noarch.rpm SHA-256: 066ac097d60f5837e726ff73aa577b69e98e39ed489418dbda07eab4898b5b50
i386
spacewalk-backend-1.2.13-37.el5sat.noarch.rpm SHA-256: 2f4a11fb7c3560f0b0d0e9a17acf01b5bb1b1c53e0489f74ebe34ebf528d8a28
spacewalk-backend-app-1.2.13-37.el5sat.noarch.rpm SHA-256: c01d3cff6433916cf8ae4eb4bd12ba8a1a6ca8532863ef198d9e22563639c74a
spacewalk-backend-applet-1.2.13-37.el5sat.noarch.rpm SHA-256: 7d360c98169272c75a10a4e97fb99d1b06f1f7494d629b1e62de555141aeda75
spacewalk-backend-config-files-1.2.13-37.el5sat.noarch.rpm SHA-256: 8c9733a0a7ab11ae5685d4415e0ace8f6e4ede8a4c5cbe126b367d803007026a
spacewalk-backend-config-files-common-1.2.13-37.el5sat.noarch.rpm SHA-256: 6580f7df0bd6819028232a643c94907b9d555c618f90350bb412685ff37a2d80
spacewalk-backend-config-files-tool-1.2.13-37.el5sat.noarch.rpm SHA-256: a4d9f981f06857639b9f2d4d9d08211d0e496840817ef9a082bfe153230af4bf
spacewalk-backend-iss-1.2.13-37.el5sat.noarch.rpm SHA-256: be8c92bc39a205d7c93f468b510cd073e3d7b123c9523facc2eb911aba1e7dfb
spacewalk-backend-iss-export-1.2.13-37.el5sat.noarch.rpm SHA-256: e6a7d813dbfdb0afa097ba1352b3a805174542ba340f4ce6f8c9d576991ed85b
spacewalk-backend-libs-1.2.13-37.el5sat.noarch.rpm SHA-256: 5f112a22ff31953559f2f19a2291e74dbafd6f1f7dce4fc0b2e08e75c455355b
spacewalk-backend-package-push-server-1.2.13-37.el5sat.noarch.rpm SHA-256: a358bf9da3acd1da52afb528e9b4afe64419767e67ae7a20aeca7fe6de010316
spacewalk-backend-server-1.2.13-37.el5sat.noarch.rpm SHA-256: 52207e8129276a8cc2d33e35df307c5da954396fb343b0043381fbbee59093b0
spacewalk-backend-sql-1.2.13-37.el5sat.noarch.rpm SHA-256: 5ef3b1ccaf45f2621deedcd60e09ca615d98d6004efc6f30a821310aea1e1c45
spacewalk-backend-sql-oracle-1.2.13-37.el5sat.noarch.rpm SHA-256: 8ac9b49e665e1f0dbaed8e1332a8afceabb358f9c852e57256c028350aa7e8ca
spacewalk-backend-tools-1.2.13-37.el5sat.noarch.rpm SHA-256: 51f99ee407239d04eb3f50075556b66a939c113a8146dc3047ae544d10a696fa
spacewalk-backend-upload-server-1.2.13-37.el5sat.noarch.rpm SHA-256: bf911d3e5e4c81c5eca04a0f9398b590bdf01d82adec4a504785786bc1b07c5b
spacewalk-backend-xml-export-libs-1.2.13-37.el5sat.noarch.rpm SHA-256: 19680ae33011321eeb9e0ca6eb59df2a3925d74fb1e0531dc5e561f375da396f
spacewalk-backend-xmlrpc-1.2.13-37.el5sat.noarch.rpm SHA-256: ea55b489dcd401b4fe73b6b6606fef57642ed5694a1bb1ed583d03dc256d62bc
spacewalk-backend-xp-1.2.13-37.el5sat.noarch.rpm SHA-256: d48ef82053d677fa876a57560918ebcdff5a49b40f21fbbd28278df526f7b603
spacewalk-config-1.2.2-2.el5sat.noarch.rpm SHA-256: 066ac097d60f5837e726ff73aa577b69e98e39ed489418dbda07eab4898b5b50

Red Hat Satellite with Embedded Oracle 5.3

SRPM
spacewalk-backend-0.5.28-59.2.el5sat.src.rpm SHA-256: 1b636a511828fe56c2bc3cf3fdc761d0bfb4aaf41d67ec8400b1d8f499a1f5ab
spacewalk-config-0.5.9-16.el5sat.src.rpm SHA-256: e6258383760c8d7f9d6cea64aa9fa731ec6fdb87b8ff0c57e33f29d0e8e6bb58
x86_64
spacewalk-backend-0.5.28-59.2.el5sat.noarch.rpm SHA-256: ce745446186acd4fa73665a98b15c794c808b9b32199a7c60611e5c107bf07bb
spacewalk-backend-app-0.5.28-59.2.el5sat.noarch.rpm SHA-256: 5cef92b946a852e6b83e9780b7de1c9722073a2848a7e6e5683572ec378a94e7
spacewalk-backend-applet-0.5.28-59.2.el5sat.noarch.rpm SHA-256: dc82e8d7781cc9e7c6c8b0d17c2ddfb3ce68175b8e935d3d6d46f7ca79844182
spacewalk-backend-config-files-0.5.28-59.2.el5sat.noarch.rpm SHA-256: fa9fdd237f3362374440319207e4a7ac0519318f9fb8a97c30cd9d3b0fed8d2d
spacewalk-backend-config-files-common-0.5.28-59.2.el5sat.noarch.rpm SHA-256: 810c5cd2bfdf96a2616fe3428cfcf8bf7311fba0f4b97a21d4c212af2f5179e9
spacewalk-backend-config-files-tool-0.5.28-59.2.el5sat.noarch.rpm SHA-256: ae043d4356b3f27acf6f453075cea92eed8907405c7a0bbe57b6cd5cc2d20610
spacewalk-backend-iss-0.5.28-59.2.el5sat.noarch.rpm SHA-256: 43b018f8c0c9c88fd86faaa25c1fc3894a974e4ab9286fdf6383f3c80477f4dc
spacewalk-backend-iss-export-0.5.28-59.2.el5sat.noarch.rpm SHA-256: a29bb6e6da84b6b6b935fd0114ddb38fc5ba8e3602670cc5d6a2d2d78619ef58
spacewalk-backend-package-push-server-0.5.28-59.2.el5sat.noarch.rpm SHA-256: a7ed3ccac4ef19de8e2594ed0de95df2c9aac5bbd5f09ffeb4d8d48c35ab521b
spacewalk-backend-server-0.5.28-59.2.el5sat.noarch.rpm SHA-256: 55b10e326c8ee17f9d6c95f2c876975ed39fbc5778c4f4faf0ba0fc8ac60f7a7
spacewalk-backend-sql-0.5.28-59.2.el5sat.noarch.rpm SHA-256: 7c37bc15dbf1f857bb880226b0e23638c2c09d988c7acab81b35c14e557ab56f
spacewalk-backend-tools-0.5.28-59.2.el5sat.noarch.rpm SHA-256: 02c84da8734fe13cbba2a827fc617adbf0bc13e52526e97a97cbb335961393ac
spacewalk-backend-upload-server-0.5.28-59.2.el5sat.noarch.rpm SHA-256: a36d62e202415fdb0073452367fcbbcf18d2c4e509e9e02ae45ae3dd29a88076
spacewalk-backend-xml-export-libs-0.5.28-59.2.el5sat.noarch.rpm SHA-256: dc042f96e47f9f4e30be9812ccca51a4dd8e0b57f05bf57cb8749d69ba631924
spacewalk-backend-xmlrpc-0.5.28-59.2.el5sat.noarch.rpm SHA-256: 85876c7aee9640e02fdf7b25290e97a0f656fe909ce00e8f2af3b909d0b19719
spacewalk-backend-xp-0.5.28-59.2.el5sat.noarch.rpm SHA-256: 657ab0371a92780efb3b42b40ac6cfbad01963211aaef4ef07010208c931163f
spacewalk-config-0.5.9-16.el5sat.noarch.rpm SHA-256: ac5c92f60af186493201f4ddae7c649d526fc97f3999f334c511b8c5c6ff4886
i386
spacewalk-backend-0.5.28-59.2.el5sat.noarch.rpm SHA-256: ce745446186acd4fa73665a98b15c794c808b9b32199a7c60611e5c107bf07bb
spacewalk-backend-app-0.5.28-59.2.el5sat.noarch.rpm SHA-256: 5cef92b946a852e6b83e9780b7de1c9722073a2848a7e6e5683572ec378a94e7
spacewalk-backend-applet-0.5.28-59.2.el5sat.noarch.rpm SHA-256: dc82e8d7781cc9e7c6c8b0d17c2ddfb3ce68175b8e935d3d6d46f7ca79844182
spacewalk-backend-config-files-0.5.28-59.2.el5sat.noarch.rpm SHA-256: fa9fdd237f3362374440319207e4a7ac0519318f9fb8a97c30cd9d3b0fed8d2d
spacewalk-backend-config-files-common-0.5.28-59.2.el5sat.noarch.rpm SHA-256: 810c5cd2bfdf96a2616fe3428cfcf8bf7311fba0f4b97a21d4c212af2f5179e9
spacewalk-backend-config-files-tool-0.5.28-59.2.el5sat.noarch.rpm SHA-256: ae043d4356b3f27acf6f453075cea92eed8907405c7a0bbe57b6cd5cc2d20610
spacewalk-backend-iss-0.5.28-59.2.el5sat.noarch.rpm SHA-256: 43b018f8c0c9c88fd86faaa25c1fc3894a974e4ab9286fdf6383f3c80477f4dc
spacewalk-backend-iss-export-0.5.28-59.2.el5sat.noarch.rpm SHA-256: a29bb6e6da84b6b6b935fd0114ddb38fc5ba8e3602670cc5d6a2d2d78619ef58
spacewalk-backend-package-push-server-0.5.28-59.2.el5sat.noarch.rpm SHA-256: a7ed3ccac4ef19de8e2594ed0de95df2c9aac5bbd5f09ffeb4d8d48c35ab521b
spacewalk-backend-server-0.5.28-59.2.el5sat.noarch.rpm SHA-256: 55b10e326c8ee17f9d6c95f2c876975ed39fbc5778c4f4faf0ba0fc8ac60f7a7
spacewalk-backend-sql-0.5.28-59.2.el5sat.noarch.rpm SHA-256: 7c37bc15dbf1f857bb880226b0e23638c2c09d988c7acab81b35c14e557ab56f
spacewalk-backend-tools-0.5.28-59.2.el5sat.noarch.rpm SHA-256: 02c84da8734fe13cbba2a827fc617adbf0bc13e52526e97a97cbb335961393ac
spacewalk-backend-upload-server-0.5.28-59.2.el5sat.noarch.rpm SHA-256: a36d62e202415fdb0073452367fcbbcf18d2c4e509e9e02ae45ae3dd29a88076
spacewalk-backend-xml-export-libs-0.5.28-59.2.el5sat.noarch.rpm SHA-256: dc042f96e47f9f4e30be9812ccca51a4dd8e0b57f05bf57cb8749d69ba631924
spacewalk-backend-xmlrpc-0.5.28-59.2.el5sat.noarch.rpm SHA-256: 85876c7aee9640e02fdf7b25290e97a0f656fe909ce00e8f2af3b909d0b19719
spacewalk-backend-xp-0.5.28-59.2.el5sat.noarch.rpm SHA-256: 657ab0371a92780efb3b42b40ac6cfbad01963211aaef4ef07010208c931163f
spacewalk-config-0.5.9-16.el5sat.noarch.rpm SHA-256: ac5c92f60af186493201f4ddae7c649d526fc97f3999f334c511b8c5c6ff4886

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility