Red Hat yum-rhn-plugin RHN Updates Denial of Service Vulnerability

Bugtraq ID:	30695
Class:	Origin Validation Error
CVE:	CVE-2008-3270
Remote:	Yes
Local:	No
Published:	Aug 14 2008 12:00AM
Updated:	Aug 27 2008 04:25AM
Credit:	The vendor disclosed this issue.
Vulnerable:	Redhat yum-rhn-plugin 0 Redhat Enterprise Linux Desktop 5 client Redhat Enterprise Linux 5 Server
Not Vulnerable:

Red Hat yum-rhn-plugin RHN Updates Denial of Service Vulnerability

The Red Hat yum-rhn-plugin is prone to a denial-of-service vulnerability because it fails to adequately validate communication with Red Hat Network (RHN) servers.

Attackers can exploit this issue to prevent users from accessing security updates. This can provide a window of opportunity for an attacker to exploit a vulnerability addressed by a security update.

NOTE: This issue cannot be leveraged to install malicious packages because packages signatures are still verified prior to installation.

Red Hat yum-rhn-plugin RHN Updates Denial of Service Vulnerability

Attackers can exploit this issue by performing man-in-the-middle attacks.

Red Hat yum-rhn-plugin RHN Updates Denial of Service Vulnerability

Solution:
The vendor released an advisory and fixes to address this issue. Please see the references for more information.

Red Hat yum-rhn-plugin RHN Updates Denial of Service Vulnerability

References:

• [Other] Bug 457113 - (CVE-2008-3270) CVE-2008-3270 yum-rhn-plugin: does not (Red Hat)
  
• Red Hat Homepage (Red Hat)
  
• RHSA-2008:0815-7 Moderate: yum-rhn-plugin security update (Red Hat)