CVE-2012-5561 – Katello: /etc/katello/secure/passphrase is world readable
https://notcve.org/view.php?id=CVE-2012-5561
script/katello-generate-passphrase in Katello 1.1 uses world-readable permissions for /etc/katello/secure/passphrase, which allows local users to obtain the passphrase by reading the file. script/katello-generate-passphrase en Katello v1.1 usa permisos de lectura para todo el mundo para /etc/katello/secure/passphrase, que permite a usuarios locales obtener la contraseña leyendo el fichero. • http://rhn.redhat.com/errata/RHSA-2013-0544.html http://rhn.redhat.com/errata/RHSA-2013-0547.html https://bugzilla.redhat.com/show_bug.cgi?id=879094 https://github.com/Katello/katello/pull/1349 https://access.redhat.com/security/cve/CVE-2012-5561 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2012-3503 – Katello: Application.config.secret_token is not generated properly
https://notcve.org/view.php?id=CVE-2012-3503
The installation script in Katello 1.0 and earlier does not properly generate the Application.config.secret_token value, which causes each default installation to have the same secret token, and allows remote attackers to authenticate to the CloudForms System Engine web interface as an arbitrary user by creating a cookie using the default secret_token. El script de instalación en Katello 1.0 y anteriores no genera correctamente el valor Application.config.secret_token, lo que hace que cada instalación por defecto tenga el mismo testigo secreto, y permite a atacantes remotos autenticarse en el sistema de interfaz web CloudForms Engine como un usuario arbitrario creando una cookie mediante el secret_token por defecto. • http://rhn.redhat.com/errata/RHSA-2012-1186.html http://rhn.redhat.com/errata/RHSA-2012-1187.html http://secunia.com/advisories/50344 http://www.securityfocus.com/bid/55140 https://github.com/Katello/katello/commit/7c256fef9d75029d0ffff58ff1dcda915056d3a3 https://github.com/Katello/katello/pull/499 https://access.redhat.com/security/cve/CVE-2012-3503 https://bugzilla.redhat.com/show_bug.cgi?id=849210 • CWE-798: Use of Hard-coded Credentials •