Moderate: Red Hat Network Satellite Server security update

Advisory:	RHSA-2007:0868-2
Type:	Security Advisory
Severity:	Moderate
Issued on:	2007-08-29
Last updated on:	2007-08-29
Affected Products:	Red Hat Network Satellite (v. 5.0 for RHEL 4)
OVAL:	N/A
CVEs (cve.mitre.org):	CVE-2007-4132

Details

Red Hat Network Satellite Server version 5.0.1 is now available which fixes
a security issue in version 5.0.0.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

During an internal code audit, a flaw was found in an unused back-end
XMLRPC handler first added to Red Hat Network Satellite Server 5.0.0. A
remote attacker with valid authentication credentials who was able to
connect to a Satellite Server could use this flaw to execute arbitrary code
on the server as the 'apache' user. (CVE-2007-4132)

Users of Red Hat Network Satellite Server 5.0.0 are advised to upgrade to
5.0.1 which removes the unused, vulnerable handler.

Note: This issue did not affect the hosted version of Red Hat Network or
versions of Red Hat Network Satellite Server prior to 5.0.0.

Solution

This update is available via Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
http://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.0.0/html/Installation_Guide/s1-maintenance-update.html

Updated packages

Red Hat Network Satellite (v. 5.0 for RHEL 4)

IA-32:
rhns-5.0.1-10.noarch.rpm File outdated by: RHBA-2008:1005	`9a027fe9d40ac1cc35af2a213f10d099`
rhns-app-5.0.1-10.noarch.rpm File outdated by: RHBA-2008:1005	`bc7aa5f6ac0012a10dbb5df0c0c48c63`
rhns-applet-5.0.1-10.noarch.rpm File outdated by: RHBA-2008:1005	`5214a2beb09c92ae093e6fe3e13f0adb`
rhns-config-files-5.0.1-10.noarch.rpm File outdated by: RHBA-2008:1005	`640fc6dcb2c14160726a1ab41bc798d9`
rhns-config-files-common-5.0.1-10.noarch.rpm File outdated by: RHBA-2008:1005	`517d864248a1a0e5868901e3c025e2c0`
rhns-config-files-tool-5.0.1-10.noarch.rpm File outdated by: RHBA-2008:1005	`3482b8f97ae7ba65b1fba92cd530bd14`
rhns-package-push-server-5.0.1-10.noarch.rpm File outdated by: RHBA-2008:1005	`7cffc4e22e90969b2a515d69601379bd`
rhns-satellite-tools-5.0.1-10.noarch.rpm File outdated by: RHBA-2008:1005	`b421d5c0f136b18cf39df6f93b652c97`
rhns-server-5.0.1-10.noarch.rpm File outdated by: RHBA-2008:1005	`3b9d36bdcd530d25dabc1ccac36d87de`
rhns-sql-5.0.1-10.noarch.rpm File outdated by: RHBA-2008:1005	`d0a40978f7534d4fb81ead1109962685`
rhns-xml-export-libs-5.0.1-10.noarch.rpm File outdated by: RHBA-2008:1005	`17f3fa0cf68686b63d4b207273a0522a`
rhns-xmlrpc-5.0.1-10.noarch.rpm File outdated by: RHBA-2008:1005	`c26234def2cd023d6304b0c8a1b612b4`
rhns-xp-5.0.1-10.noarch.rpm File outdated by: RHBA-2008:1005	`0cf2aa7b700c885c2fcf64305fb1972e`

(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

253239 - CVE-2007-4132 RHN Satellite xmlrpc flaw

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4132
http://www.redhat.com/security/updates/classification/#moderate

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/