Red Hat Network Satellite Server NULL Organization Package Upload Security Bypass Vulnerability
BID:52832
Info
Red Hat Network Satellite Server NULL Organization Package Upload Security Bypass Vulnerability
| Bugtraq ID: | 52832 |
| Class: | Access Validation Error |
| CVE: |
CVE-2012-1145 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 30 2012 12:00AM |
| Updated: | Mar 30 2012 12:00AM |
| Credit: | Red Hat |
| Vulnerable: |
Red Hat Red Hat Network Satellite Server 5.4 Red Hat Network Satellite Server (for RHEL 6) 5.4 |
| Not Vulnerable: | |
Discussion
Red Hat Network Satellite Server NULL Organization Package Upload Security Bypass Vulnerability
Red Hat Network Satellite Server is prone to a security-bypass vulnerability.
Attackers can exploit this issue to bypass security restrictions and upload arbitrary packages to an application's NULL organization. This may lead to a denial-of-service condition.
Red Hat Network Satellite Server 5.4 is affected.
Red Hat Network Satellite Server is prone to a security-bypass vulnerability.
Attackers can exploit this issue to bypass security restrictions and upload arbitrary packages to an application's NULL organization. This may lead to a denial-of-service condition.
Red Hat Network Satellite Server 5.4 is affected.
Exploit / POC
Red Hat Network Satellite Server NULL Organization Package Upload Security Bypass Vulnerability
An attacker can exploit this issue through readily available tools.
An attacker can exploit this issue through readily available tools.
Solution / Fix
Red Hat Network Satellite Server NULL Organization Package Upload Security Bypass Vulnerability
Solution:
Updates are available. Please see the reference for more information.
Solution:
Updates are available. Please see the reference for more information.
References
Red Hat Network Satellite Server NULL Organization Package Upload Security Bypass Vulnerability
References:
References: