RHSA-2010:0449-01 -- Redhat rhn-client-toolsID: oval:org.secpod.oval:def:500464 | Date: (C)2012-01-31 (M)2021-09-11 |
Class: PATCH | Family: unix |
Red Hat Network Client Tools provide programs and libraries that allow your system to receive software updates from the Red Hat Network . It was discovered that rhn-client-tools set insecure permissions on the loginAuth.pkl file, used to store session credentials for authenticating connections to Red Hat Network servers. A local, unprivileged user could use these credentials to download packages from the Red Hat Network. They could also manipulate package or action lists associated with the system"s profile. Users of rhn-client-tools are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
Platform: |
Red Hat Enterprise Linux 5 |