Information disclosure in Redhat Network_satellite_server

CVE-2009-0788

Red Hat Network (RHN) Satellite Server 5.3 and 5.4 does not properly rewrite unspecified URLs, which allows remote attackers to (1) obtain unspecified sensitive host information or (2) use the server as an inadvertent proxy to connect to a…

Vulnerability class: Information Disclosure

EPSS: 0.006 (69.0th percentile) — read the EPSS interpretation.

Affected products

Redhat Network_satellite_server — versions 5.3, 5.4
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

44150 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
RHSA-2011:0434 (x_refsource_REDHAT, vendor-advisory)
rhnss-url-security-bypass(66691) (vdb-entry, x_refsource_XF)
1025316 (vdb-entry, x_refsource_SECTRACK)
47316 (vdb-entry, x_refsource_BID)
secalert@redhat.com (x_refsource_CONFIRM)
ADV-2011-0967 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)