CVE-2008-2369

CVE-2008-2369

Name

CVE-2008-2369

Description

manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, which allows remote attackers to connect to the server and obtain sensitive information about user accounts and entitlements.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Vendor Advisory	http://rhn.redhat.com/errata/RHSA-2008-0630.html
Broken Link	http://secunia.com/advisories/31493
Broken Link	http://securitytracker.com/id?1020694
Broken Link	http://www.securityfocus.com/bid/30679
Third Party Advisory	https://exchange.xforce.ibmcloud.com/vulnerabilities/44452

Type

URI

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2008-0630.html

Broken Link

http://secunia.com/advisories/31493

Broken Link

http://securitytracker.com/id?1020694

Broken Link

http://www.securityfocus.com/bid/30679

Third Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/44452

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:redhat:satellite::::::::`	satellite	>= None	< 5.1.1

CPE URI

Source package

Min version

Max version

cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*

satellite

>= None

< 5.1.1

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
satellite	edge-community	1.0.0-r38	Pedro Lucas Porcellis <porcellis@eletrotupi.com>	possibly vulnerable
satellite	edge-community	1.0.0-r37	Pedro Lucas Porcellis <porcellis@eletrotupi.com>	possibly vulnerable
satellite	edge-community	1.0.0-r36	Pedro Lucas Porcellis <porcellis@eletrotupi.com>	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

satellite

edge-community

1.0.0-r38

Pedro Lucas Porcellis <porcellis@eletrotupi.com>

possibly vulnerable

satellite

edge-community