CVE-2013-2056

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-2056 at MITRE

Description

The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Satellite 5.3, 5.4, and 5.5 does not properly check client "authenticity," which allows remote attackers to obtain channel content by skipping the initial authentication call.
CVSS v2 Scores
  National Vulnerability Database
Base Score 4.96
Vector AV:N/AC:L/Au:N/C:P/I:N/A:N
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact None
Availability Impact None

SUSE information

SUSE Bugzilla entry: 819365 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Manager 1.7
  • spacewalk-backend >= 1.7.38.24-0.7.1
  • spacewalk-backend-app >= 1.7.38.24-0.7.1
  • spacewalk-backend-applet >= 1.7.38.24-0.7.1
  • spacewalk-backend-config-files >= 1.7.38.24-0.7.1
  • spacewalk-backend-config-files-common >= 1.7.38.24-0.7.1
  • spacewalk-backend-config-files-tool >= 1.7.38.24-0.7.1
  • spacewalk-backend-iss >= 1.7.38.24-0.7.1
  • spacewalk-backend-iss-export >= 1.7.38.24-0.7.1
  • spacewalk-backend-libs >= 1.7.38.24-0.7.1
  • spacewalk-backend-package-push-server >= 1.7.38.24-0.7.1
  • spacewalk-backend-server >= 1.7.38.24-0.7.1
  • spacewalk-backend-sql >= 1.7.38.24-0.7.1
  • spacewalk-backend-sql-oracle >= 1.7.38.24-0.7.1
  • spacewalk-backend-sql-postgresql >= 1.7.38.24-0.7.1
  • spacewalk-backend-tools >= 1.7.38.24-0.7.1
  • spacewalk-backend-xml-export-libs >= 1.7.38.24-0.7.1
  • spacewalk-backend-xmlrpc >= 1.7.38.24-0.7.1
  • spacewalk-backend-xp >= 1.7.38.24-0.7.1
Patchnames:
sleman17sp2-spacewalk-backend
SUSE Manager 1.2 for SLE 11 SP1
  • spacewalk-backend >= 1.2.74-0.60.1
  • spacewalk-backend-app >= 1.2.74-0.60.1
  • spacewalk-backend-applet >= 1.2.74-0.60.1
  • spacewalk-backend-config-files >= 1.2.74-0.60.1
  • spacewalk-backend-config-files-common >= 1.2.74-0.60.1
  • spacewalk-backend-config-files-tool >= 1.2.74-0.60.1
  • spacewalk-backend-iss >= 1.2.74-0.60.1
  • spacewalk-backend-iss-export >= 1.2.74-0.60.1
  • spacewalk-backend-libs >= 1.2.74-0.60.1
  • spacewalk-backend-package-push-server >= 1.2.74-0.60.1
  • spacewalk-backend-server >= 1.2.74-0.60.1
  • spacewalk-backend-sql >= 1.2.74-0.60.1
  • spacewalk-backend-sql-oracle >= 1.2.74-0.60.1
  • spacewalk-backend-tools >= 1.2.74-0.60.1
  • spacewalk-backend-xml-export-libs >= 1.2.74-0.60.1
  • spacewalk-backend-xmlrpc >= 1.2.74-0.60.1
  • spacewalk-backend-xp >= 1.2.74-0.60.1
Builds
SAT Patch Nr: 7748
SUSE Manager 1.7 for SLE 11 SP2
  • spacewalk-backend >= 1.7.38.24-0.7.1
  • spacewalk-backend-app >= 1.7.38.24-0.7.1
  • spacewalk-backend-applet >= 1.7.38.24-0.7.1
  • spacewalk-backend-config-files >= 1.7.38.24-0.7.1
  • spacewalk-backend-config-files-common >= 1.7.38.24-0.7.1
  • spacewalk-backend-config-files-tool >= 1.7.38.24-0.7.1
  • spacewalk-backend-iss >= 1.7.38.24-0.7.1
  • spacewalk-backend-iss-export >= 1.7.38.24-0.7.1
  • spacewalk-backend-libs >= 1.7.38.24-0.7.1
  • spacewalk-backend-package-push-server >= 1.7.38.24-0.7.1
  • spacewalk-backend-server >= 1.7.38.24-0.7.1
  • spacewalk-backend-sql >= 1.7.38.24-0.7.1
  • spacewalk-backend-sql-oracle >= 1.7.38.24-0.7.1
  • spacewalk-backend-sql-postgresql >= 1.7.38.24-0.7.1
  • spacewalk-backend-tools >= 1.7.38.24-0.7.1
  • spacewalk-backend-xml-export-libs >= 1.7.38.24-0.7.1
  • spacewalk-backend-xmlrpc >= 1.7.38.24-0.7.1
  • spacewalk-backend-xp >= 1.7.38.24-0.7.1
Builds
SAT Patch Nr: 7746