Redhat: >> Satellite Security Vulnerabilities
Red Hat Network (RHN) Satellite 5.3 and 5.4 exposes a dangerous, obsolete XML-RPC API, which allows remote authenticated users to access arbitrary files and cause a denial of service (failed yum operations) via vectors related to configuration and package group (comps.xml) files for channels.
CVSS Score
5.5
EPSS Score
0.009
Published
2011-04-18
manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, which allows remote attackers to connect to the server and obtain sensitive information about user accounts and entitlements.
CVSS Score
9.1
EPSS Score
0.006
Published
2008-08-14
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
CVSS Score
5.0
EPSS Score
0.103
Published
2007-03-30
Page 23