Security Advisory (Moderate): Red Hat Network Satellite Server security update

Advisory: RHSA-2007:0868-2
Type: Security Advisory
Severity: Moderate
Issued on: 2007-08-29
Last updated on: 2007-08-29
Affected Products: Red Hat Network Satellite (v. 5.0 for RHEL 4)
OVAL: N/A
CVEs (cve.mitre.org): CVE-2007-4132

Details

Red Hat Network Satellite Server version 5.0.1 is now available. It fixes
a security issue in version 5.0.0.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

During an internal code audit, a flaw was found in an unused back-end
XMLRPC handler first added to Red Hat Network Satellite Server 5.0.0. A
remote attacker with valid authentication credentials who was able to
connect to a Satellite Server could use this flaw to execute arbitrary code
on the server as the 'apache' user. (CVE-2007-4132)

Users of Red Hat Network Satellite Server 5.0.0 are advised to upgrade to
5.0.1, which removes the unused, vulnerable handler.

Note: This issue did not affect the hosted version of Red Hat Network or
versions of Red Hat Network Satellite Server prior to 5.0.0.


Solution

This update is available via Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
http://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.0.0/html/Installation_Guide/s1-maintenance-update.html

Updated packages

Red Hat Network Satellite (v. 5.0 for RHEL 4)

IA-32 (file name, MD5 checksum):
rhns-5.0.1-10.noarch.rpm     9a027fe9d40ac1cc35af2a213f10d099
rhns-app-5.0.1-10.noarch.rpm     bc7aa5f6ac0012a10dbb5df0c0c48c63
rhns-applet-5.0.1-10.noarch.rpm     5214a2beb09c92ae093e6fe3e13f0adb
rhns-config-files-5.0.1-10.noarch.rpm     640fc6dcb2c14160726a1ab41bc798d9
rhns-config-files-common-5.0.1-10.noarch.rpm     517d864248a1a0e5868901e3c025e2c0
rhns-config-files-tool-5.0.1-10.noarch.rpm     3482b8f97ae7ba65b1fba92cd530bd14
rhns-package-push-server-5.0.1-10.noarch.rpm     7cffc4e22e90969b2a515d69601379bd
rhns-satellite-tools-5.0.1-10.noarch.rpm     b421d5c0f136b18cf39df6f93b652c97
rhns-server-5.0.1-10.noarch.rpm     3b9d36bdcd530d25dabc1ccac36d87de
rhns-sql-5.0.1-10.noarch.rpm     d0a40978f7534d4fb81ead1109962685
rhns-xml-export-libs-5.0.1-10.noarch.rpm     17f3fa0cf68686b63d4b207273a0522a
rhns-xmlrpc-5.0.1-10.noarch.rpm     c26234def2cd023d6304b0c8a1b612b4
rhns-xp-5.0.1-10.noarch.rpm     0cf2aa7b700c885c2fcf64305fb1972e
(The unlinked packages above are only available from the Red Hat Network)
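The checksums above are meant to be compared against the packages actually retrieved from Red Hat Network before they are installed. The following script is an added example and not Red Hat's own tooling: it parses manifest lines in the advisory's "<file>  <md5>" layout, hashes each named file on disk and reports it as ok, mismatched or missing. The package names and file contents in `demo()` are constructed for illustration; only the two lines in `ADVISORY_SNIPPET` are taken from this advisory.

```python
"""Verify downloaded RPMs against the MD5 sums listed in an advisory."""
import hashlib
import os
import re
import sys
import tempfile

# One manifest line in the advisory's layout: "<name>.rpm <32 hex digits>".
MANIFEST_LINE = re.compile(r"^(\S+\.rpm)\s+([0-9a-fA-F]{32})$")

# Two real lines from this advisory (RHSA-2007:0868-2), plus the surrounding
# heading and note, to show that non-manifest lines are skipped.
ADVISORY_SNIPPET = """IA-32:
rhns-5.0.1-10.noarch.rpm     9a027fe9d40ac1cc35af2a213f10d099
rhns-xmlrpc-5.0.1-10.noarch.rpm     c26234def2cd023d6304b0c8a1b612b4

(The unlinked packages above are only available from the Red Hat Network)
"""


def parse_manifest(text):
    """Return {filename: md5hex} from 'Updated packages' text.

    Headings, notes and blank lines do not match MANIFEST_LINE and are ignored.
    """
    manifest = {}
    for line in text.splitlines():
        m = MANIFEST_LINE.match(line.strip())
        if m:
            manifest[m.group(1)] = m.group(2).lower()
    return manifest


def md5_of_file(path, chunk_size=1 << 16):
    """Stream the file through MD5 so large RPMs are not read into memory."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_directory(manifest, directory):
    """Check every file the manifest names inside `directory`.

    Returns {filename: status} with status 'ok', 'mismatch' or 'missing'.
    A 'missing' entry is reported rather than skipped, so an advisory that
    lists more packages than were downloaded is noticed.
    """
    results = {}
    for name, expected in manifest.items():
        path = os.path.join(directory, name)
        if not os.path.isfile(path):
            results[name] = "missing"
        elif md5_of_file(path) == expected:
            results[name] = "ok"
        else:
            results[name] = "mismatch"
    return results


def demo():
    """Constructed scenario: three listed packages, one intact, one altered
    after the manifest was written, one never downloaded."""
    good = b"constructed contents of package A\n"
    original_b = b"constructed contents of package B\n"
    with tempfile.TemporaryDirectory() as d:
        with open(os.path.join(d, "pkg-a-1.0-1.noarch.rpm"), "wb") as f:
            f.write(good)
        with open(os.path.join(d, "pkg-b-1.0-1.noarch.rpm"), "wb") as f:
            f.write(original_b + b"tampered\n")
        manifest = {
            "pkg-a-1.0-1.noarch.rpm": hashlib.md5(good).hexdigest(),
            "pkg-b-1.0-1.noarch.rpm": hashlib.md5(original_b).hexdigest(),
            "pkg-c-1.0-1.noarch.rpm": "0" * 32,  # placeholder sum, file absent
        }
        return verify_directory(manifest, d)


if __name__ == "__main__":
    # Usage against a real download: parse the advisory text, then verify.
    # Here the constructed demo is run; exit non-zero if anything is not ok.
    results = demo()
    for name, status in sorted(results.items()):
        print(f"{status:9s} {name}")
    sys.exit(0 if all(s == "ok" for s in results.values()) else 1)
```

A matching checksum only shows the file arrived unaltered; it does not prove who produced it. The GPG signature the advisory says these packages carry is the authenticity check, and `rpm --checksig <file>.rpm` (with Red Hat's key imported) performs it; run both before installing.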

Bugs fixed (see bugzilla for more information)

253239 - CVE-2007-4132 RHN Satellite xmlrpc flaw


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/