CVE-2013-1869 – Satellite/Spacewalk: header injection flaw
https://notcve.org/view.php?id=CVE-2013-1869
CRLF injection vulnerability in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 5.6 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XSS) attacks, via the return_url parameter. Vulnerabilidad de inyección CRLF en spacewalk-java anterior a 2.1.148-1 y el satélite de Red Hat Network (RHN) 5.6 permite a atacantes remotos inyectar cabeceras HTTP arbitrarias, y realizar ataques de división de respuestas HTTP y ataques de XSS, a través del parámetro return_url. • http://rhn.redhat.com/errata/RHSA-2014-0148.html http://secunia.com/advisories/56952 https://bugzilla.redhat.com/show_bug.cgi?id=923464 https://git.fedorahosted.org/cgit/spacewalk.git/commit/?id=18c70164285cae0660fa3ac55c6656bb19b3b13f https://www.suse.com/support/update/announcement/2014/suse-su-20140222-1.html https://access.redhat.com/security/cve/CVE-2013-1869 • CWE-20: Improper Input Validation •
CVE-2012-6149 – (spacewalk-java): XSS in system.addNote XML-RPC call due improper sanitization of note's subject and content
https://notcve.org/view.php?id=CVE-2012-6149
Multiple cross-site scripting (XSS) vulnerabilities in systems/sdc/notes.jsp in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) subject or (2) content values of a note in a system.addNote XML-RPC call. Múltiples vulnerabilidades de XSS en systems/sdc/notes.jsp en Spacewalk y Red Hat Network (RHN) Satellite 5.6 permiten a atacantes remotos inyectar script Web o HTML arbitrarios a través de los valores de (1) asunto o (2) contenido de una nota en una llamada XML-RPC a system.addNote. • http://rhn.redhat.com/errata/RHSA-2014-0148.html http://secunia.com/advisories/56952 https://bugzilla.redhat.com/show_bug.cgi?id=882000 https://git.fedorahosted.org/cgit/spacewalk.git/commit/?id=18c70164285cae0660fa3ac55c6656bb19b3b13f https://git.fedorahosted.org/cgit/spacewalk.git/commit/?id=1d0f4b4a78ea03d9f2d05fbd52236b1f2ab68e85 https://www.suse.com/support/update/announcement/2014/suse-su-20140222-1.html https://access.redhat.com/security/cve/CVE-2012-6149 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-4415 – Spacewalk: PAGE_SIZE_LABEL_SELECTED cross-site scripting (XSS)
https://notcve.org/view.php?id=CVE-2013-4415
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) whereCriteria variable in a software channels search; (2) end_year, (3) start_hour, (4) end_am_pm, (5) end_day, (6) end_hour, (7) end_minute, (8) end_month, (9) end_year, (10) optionScanDateSearch, (11) result_filter, (12) search_string, (13) show_as, (14) start_am_pm, (15) start_day, (16) start_hour, (17) start_minute, (18) start_month, (19) start_year, or (20) whereToSearch variable in an scap audit results search; (21) end_minute, (22) end_month, (23) end_year, (24) errata_type_bug, (25) errata_type_enhancement, (26) errata_type_security, (27) fineGrained, (28) list_1892635924_sortdir, (29) optionIssueDateSearch, (30) start_am_pm, (31) start_day, (32) start_hour, (33) start_minute, (34) start_month, (35) start_year, or (36) view_mode variable in an errata search; or (37) fineGrained variable in a systems search, related to PAGE_SIZE_LABEL_SELECTED. Múltiples vulnerabilidades de tipo cross-site scripting (XSS) en Spacewalk y Red Hat Network (RHN) Satellite versión 5.6, permiten a los atacantes remotos inyectar script web o HTML arbitrario por medio de la (1) variable whereCriteria en un software búsqueda de canales; la variable (2) end_year, (3) start_hour, (4) end_am_pm, (5) end_day, (6) end_hour, (7) end_minute, (8) end_month, (9) end_year, (10) optionScanDateSearch, (11) result_filter, (12) search_string, (13) show_as, (14) start_am_pm, (15) start_day, (16) start_day, (17) start_minute, (18) start_month, (19) start_year o (20) whereToSearch en una búsqueda de resultados de auditoría scap; la variable (21) end_minute, (22) end_month, (23) end_year, (24) errata_type_bug, (25) errata_type_enhancement, (26) errata_type_security, (27) fineGrained, (28) list_1892635924_sortdir, (29) optionIssueDateSearch, (30) start_am_pm, (31) start_day, (32) start_ hour, (33) start_minute, (34) start_month, (35) start_year o (36) view_mode en una búsqueda de erratas; o (37) variable fineGrained en una búsqueda de sistemas, relacionada con PAGE_SIZE_LABEL_SELECTED. • http://rhn.redhat.com/errata/RHSA-2014-0148.html http://secunia.com/advisories/56952 https://bugzilla.redhat.com/show_bug.cgi?id=979452 https://git.fedorahosted.org/cgit/spacewalk.git/commit/?id=18c70164285cae0660fa3ac55c6656bb19b3b13f https://www.suse.com/support/update/announcement/2014/suse-su-20140222-1.html https://access.redhat.com/security/cve/CVE-2013-4415 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2009-4139 – Spacewalk: CSRF in all web portal forms
https://notcve.org/view.php?id=CVE-2009-4139
Cross-site request forgery (CSRF) vulnerability in the Spacewalk Java site packages (aka spacewalk-java) 1.2.39 in Spacewalk, as used in the server in Red Hat Network Satellite 5.3.0 through 5.4.1 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that (1) disable the current user account, (2) add user accounts, or (3) modify user accounts to have administrator privileges. Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) en los paquetes Spacewalk Java (spacewalk-java) 1.2.39 de Spacewalk, tal como se utiliza en el servidor de Red Hat Network Satellite 5.3.0 hasta la versión 5.4.1 y otros productos, permite a atacantes remotos secuestrar la autenticación de usuarios arbitrarios para peticiones que (1) deshabilitan la cuenta del usuario actual, (2) añaden cuentas de usuarios, o (3) modifican cuentas de usuarios para tener privilegios administrativos. • http://securitytracker.com/id?1025674 http://www.redhat.com/support/errata/RHSA-2011-0879.html https://bugzilla.redhat.com/show_bug.cgi?id=529483 https://exchange.xforce.ibmcloud.com/vulnerabilities/68074 https://access.redhat.com/security/cve/CVE-2009-4139 • CWE-352: Cross-Site Request Forgery (CSRF) •