Red Hat Network Client Tools provide programs and libraries that allow your system to receive software updates from the Red Hat Network . It was discovered that rhn-client-tools set insecure permissions on the loginAuth.pkl file, used to store session credentials for authenticating connections to Red Hat Network servers. A local, unprivileged user could use these credentials to download packages from the Red Hat Network. They could also manipulate package or action lists associated with the system"s profile. Users of rhn-client-tools are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.